Vulnerabilities > Gnupg > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-06-13 CVE-2018-0495 Information Exposure Through Discrepancy vulnerability in multiple products
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP.
local
high complexity
gnupg canonical debian redhat oracle CWE-203
4.7
2018-06-08 CVE-2018-12020 Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option.
network
low complexity
redhat canonical debian gnupg CWE-706
5.0
2018-04-04 CVE-2018-9234 Key Management Errors vulnerability in multiple products
GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey.
network
low complexity
gnupg canonical CWE-320
5.0
2018-02-07 CVE-2018-6829 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Gnupg Libgcrypt
cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack).
network
low complexity
gnupg CWE-327
5.0
2017-06-11 CVE-2017-9526 Information Exposure vulnerability in Gnupg Libgcrypt
In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key.
network
high complexity
gnupg CWE-200
5.9
2016-12-13 CVE-2016-6313 Information Exposure vulnerability in multiple products
The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits.
network
low complexity
gnupg debian canonical CWE-200
5.3
2013-10-28 CVE-2013-4402 Improper Input Validation vulnerability in multiple products
The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.
network
low complexity
gnupg canonical CWE-20
5.0
2013-10-10 CVE-2013-4351 Cryptographic Issues vulnerability in Gnupg
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
network
gnupg CWE-310
5.8
2007-03-06 CVE-2007-1263 GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection.
network
low complexity
gnu gnupg
5.0
2006-11-29 CVE-2006-6169 Remote Buffer Overflow vulnerability in Gnupg 1.4/2.0
Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string function to return a longer string than expected while constructing a prompt.
network
gnupg
6.8