Vulnerabilities > SKS Keyserver Project

DATE CVE VULNERABILITY TITLE RISK
2019-06-29 CVE-2019-13050 Improper Certificate Validation vulnerability in multiple products
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network.
7.5
2014-05-08 CVE-2014-3207 Cross-Site Scripting vulnerability in SKS Keyserver Project SKS Keyserver
Cross-site scripting (XSS) vulnerability in wserver.ml in SKS Keyserver before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to pks/lookup/undefined1.
4.3