Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 6 of 6 results

CVE-2019-6690

Medium priority

Some fixes available 5 of 12

python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be...

1 affected packages

python-gnupg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-gnupg Not affected Vulnerable Vulnerable Fixed Fixed
Show less packages

CVE-2018-12020

Medium priority

Some fixes available 23 of 40

mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the...

5 affected packages

enigmail, gnupg, gnupg1, gnupg2, python-gnupg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
enigmail Not in release Vulnerable Vulnerable Vulnerable Vulnerable
gnupg Not in release Not in release Not in release Not in release Fixed
gnupg1 Not affected Not affected Not affected Vulnerable Not in release
gnupg2 Fixed Fixed Fixed Fixed Fixed
python-gnupg Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2014-1929

Medium priority
Ignored

python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists because of an incomplete fix for...

1 affected packages

python-gnupg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-gnupg
Show less packages

CVE-2014-1928

Medium priority
Ignored

The shell_quote function in python-gnupg 0.3.5 does not properly escape characters, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "\"...

1 affected packages

python-gnupg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-gnupg Not affected
Show less packages

CVE-2014-1927

Medium priority

Some fixes available 1 of 6

The shell_quote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using...

1 affected packages

python-gnupg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-gnupg Not affected
Show less packages

CVE-2013-7323

Medium priority

Some fixes available 1 of 6

python-gnupg before 0.3.5 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in unspecified vectors.

1 affected packages

python-gnupg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-gnupg Not affected
Show less packages