Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/gnupg2@2.2.27-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/gnupg2@2.2.27-2%2Bdeb11u2?distro=trixie
Next non-vulnerable version 2.2.27-2+deb11u3
Latest non-vulnerable version 2.4.8-5
Risk 1.2
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-zx65-nc6s-8yf9
Aliases:
CVE-2025-30258
gnupg: verification DoS due to a malicious subkey in the keyring
2.2.46-5
Affected by 0 other vulnerabilities.
2.4.7-21+deb13u1
Affected by 1 other vulnerability.
2.4.9-4
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (29)
Vulnerability Summary Aliases
VCID-3jt3-2y11-yuc5 security update CVE-2015-1606
VCID-3vdu-cchd-ekcp gnupg/gpgme signed message spoofing CVE-2007-1263
VCID-4fcw-qdwc-4ycd security update CVE-2014-9087
VCID-4jxu-65cg-gbag security flaw CVE-2006-3082
VCID-5tpu-zawb-f3as Due to a design flaw, the output of GnuPG's Random Number Generator (RNG) is predictable. CVE-2016-6313
VCID-79fy-gfr6-zkgq GnuPG: GnuPG: Stack-based buffer overflow in tpm2daemon allows arbitrary code execution CVE-2026-24882
VCID-9cm4-mu3q-2yey security update CVE-2018-12020
VCID-9jj4-5uem-kkbs Multiple vulnerabilities have been discovered in GnuPG, the worst of which could lead to signature spoofing. CVE-2022-34903
VCID-ba35-1hmw-m3hg GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys CVE-2018-9234
VCID-bfu8-pr4x-guek gnupg: AEAD preference list overflow CVE-2020-25125
VCID-bwr1-kgn5-27f7 GnuPG may erroneously report a modified or unsigned message has a valid digital signature. CVE-2006-0049
VCID-c2pw-ysyx-q7an GnuPG is vulnerable to a buffer overflow and an erroneous function pointer dereference that can result in the execution of arbitrary code. CVE-2006-6235
VCID-e1yx-b7wn-83af gnupg NULL pointer dereference CVE-2008-1530
VCID-j4gx-2342-mkdv Applications relying on GnuPG to authenticate digital signatures may incorrectly believe a signature has been verified. CVE-2006-0455
VCID-k6h1-5v39-jfeb GnuPG: GnuPG: Remote code execution and denial of service via crafted CMS EnvelopedData message CVE-2026-24881
VCID-mhw6-1d6f-pbcp A vulnerability in GnuPG can lead to a Denial of Service condition. CVE-2014-4617
VCID-n34c-87th-d7gz The GPGSM utility included in GnuPG contains a use-after-free vulnerability that may allow an unauthenticated remote attacker to execute arbitrary code. CVE-2010-2547
VCID-nfzs-w4pe-bubj gnupg2: memcpy with overlapping ranges (keybox_search.c) CVE-2015-1607
VCID-ng6k-ru7r-9kdp GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write CVE-2025-68973
VCID-qapz-hmnm-x7dd gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service CVE-2018-1000858
VCID-qeqa-7wwa-6qdn The send_pinentry_environment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail. CVE-2005-2023
VCID-rqt5-xvxx-47h6 gnupg2: OpenPGP Key Certification Forgeries with SHA-1 CVE-2019-14855
VCID-sbp2-xwuf-wbgc GnuPG: GnuPG: Denial of service due to specially crafted signature packet CVE-2026-24883
VCID-st4p-dn2v-dbg3 Multiple vulnerabilities have been discovered in GnuPG and Libgcrypt, which may result in execution of arbitrary code, Denial of Service, or the disclosure of private keys. CVE-2012-6085
VCID-vmyv-5rvk-akh3 Multiple vulnerabilities have been discovered in GnuPG and Libgcrypt, which may result in execution of arbitrary code, Denial of Service, or the disclosure of private keys. CVE-2013-4351
VCID-xcyv-byj5-8fb3 security update CVE-2017-7526
VCID-xgfe-d1s6-eufu GnuPG is vulnerable to an integer overflow that could lead to the execution of arbitrary code. CVE-2006-3746
VCID-y6zm-whbe-gfg4 GnuPG is vulnerable to a buffer overflow and an erroneous function pointer dereference that can result in the execution of arbitrary code. CVE-2006-6169
VCID-zytz-gsnc-yqh9 Multiple vulnerabilities have been discovered in GnuPG and Libgcrypt, which may result in execution of arbitrary code, Denial of Service, or the disclosure of private keys. CVE-2013-4402

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T13:27:23.028536+00:00 Debian Importer Fixing VCID-n34c-87th-d7gz https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:58:11.801379+00:00 Debian Importer Fixing VCID-qapz-hmnm-x7dd https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:46:29.200072+00:00 Debian Importer Fixing VCID-9cm4-mu3q-2yey https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:37:41.817439+00:00 Debian Importer Fixing VCID-nfzs-w4pe-bubj https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:32:19.664204+00:00 Debian Importer Fixing VCID-bfu8-pr4x-guek https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:29:07.638912+00:00 Debian Importer Fixing VCID-rqt5-xvxx-47h6 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:22:18.333044+00:00 Debian Importer Fixing VCID-xcyv-byj5-8fb3 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:13:17.167220+00:00 Debian Importer Fixing VCID-sbp2-xwuf-wbgc https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:57:09.865094+00:00 Debian Importer Fixing VCID-c2pw-ysyx-q7an https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:41:52.049022+00:00 Debian Importer Fixing VCID-j4gx-2342-mkdv https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:34:23.087611+00:00 Debian Importer Fixing VCID-e1yx-b7wn-83af https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:32:01.687239+00:00 Debian Importer Fixing VCID-5tpu-zawb-f3as https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:20:49.778934+00:00 Debian Importer Fixing VCID-ng6k-ru7r-9kdp https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:19:53.871611+00:00 Debian Importer Fixing VCID-vmyv-5rvk-akh3 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:54:59.233720+00:00 Debian Importer Fixing VCID-ba35-1hmw-m3hg https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:32:01.922686+00:00 Debian Importer Fixing VCID-xgfe-d1s6-eufu https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:23:05.938296+00:00 Debian Importer Fixing VCID-mhw6-1d6f-pbcp https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:23:04.989444+00:00 Debian Importer Fixing VCID-qeqa-7wwa-6qdn https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:13:30.880727+00:00 Debian Importer Fixing VCID-9jj4-5uem-kkbs https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:11:59.169803+00:00 Debian Importer Fixing VCID-4jxu-65cg-gbag https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:59:47.660149+00:00 Debian Importer Fixing VCID-k6h1-5v39-jfeb https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:37:33.498826+00:00 Debian Importer Fixing VCID-bwr1-kgn5-27f7 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:33:42.826035+00:00 Debian Importer Fixing VCID-y6zm-whbe-gfg4 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:28:13.852005+00:00 Debian Importer Fixing VCID-3jt3-2y11-yuc5 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:21:31.046494+00:00 Debian Importer Fixing VCID-st4p-dn2v-dbg3 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:14:23.482891+00:00 Debian Importer Fixing VCID-4fcw-qdwc-4ycd https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:14:15.719610+00:00 Debian Importer Fixing VCID-zytz-gsnc-yqh9 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:48:01.656730+00:00 Debian Importer Fixing VCID-3vdu-cchd-ekcp https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T09:17:06.450967+00:00 Debian Importer Fixing VCID-n34c-87th-d7gz https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:54:34.204181+00:00 Debian Importer Fixing VCID-qapz-hmnm-x7dd https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:45:41.677075+00:00 Debian Importer Fixing VCID-9cm4-mu3q-2yey https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:39:08.349477+00:00 Debian Importer Fixing VCID-nfzs-w4pe-bubj https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:35:12.237778+00:00 Debian Importer Fixing VCID-bfu8-pr4x-guek https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:32:54.098814+00:00 Debian Importer Fixing VCID-rqt5-xvxx-47h6 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:27:51.510182+00:00 Debian Importer Fixing VCID-xcyv-byj5-8fb3 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:21:36.089681+00:00 Debian Importer Fixing VCID-sbp2-xwuf-wbgc https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:09:33.856160+00:00 Debian Importer Fixing VCID-c2pw-ysyx-q7an https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:58:15.632639+00:00 Debian Importer Fixing VCID-j4gx-2342-mkdv https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:53:22.846632+00:00 Debian Importer Fixing VCID-e1yx-b7wn-83af https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:51:40.861933+00:00 Debian Importer Fixing VCID-5tpu-zawb-f3as https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:43:27.334416+00:00 Debian Importer Fixing VCID-ng6k-ru7r-9kdp https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:42:43.128933+00:00 Debian Importer Fixing VCID-vmyv-5rvk-akh3 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:23:58.155576+00:00 Debian Importer Fixing VCID-ba35-1hmw-m3hg https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:06:38.470201+00:00 Debian Importer Fixing VCID-xgfe-d1s6-eufu https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:59:50.957882+00:00 Debian Importer Fixing VCID-mhw6-1d6f-pbcp https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:59:50.068014+00:00 Debian Importer Fixing VCID-qeqa-7wwa-6qdn https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:52:29.425455+00:00 Debian Importer Fixing VCID-9jj4-5uem-kkbs https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:51:20.410457+00:00 Debian Importer Fixing VCID-4jxu-65cg-gbag https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:41:58.978379+00:00 Debian Importer Fixing VCID-k6h1-5v39-jfeb https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:24:28.191479+00:00 Debian Importer Fixing VCID-bwr1-kgn5-27f7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:22:21.280646+00:00 Debian Importer Fixing VCID-y6zm-whbe-gfg4 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:18:56.944177+00:00 Debian Importer Fixing VCID-3jt3-2y11-yuc5 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:15:02.880272+00:00 Debian Importer Fixing VCID-st4p-dn2v-dbg3 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:10:45.895697+00:00 Debian Importer Fixing VCID-4fcw-qdwc-4ycd https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:10:40.632932+00:00 Debian Importer Fixing VCID-zytz-gsnc-yqh9 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:54:46.218243+00:00 Debian Importer Fixing VCID-3vdu-cchd-ekcp https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:25:32.005021+00:00 Debian Importer Fixing VCID-sbp2-xwuf-wbgc https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.976600+00:00 Debian Importer Fixing VCID-79fy-gfr6-zkgq https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.908649+00:00 Debian Importer Fixing VCID-k6h1-5v39-jfeb https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.845747+00:00 Debian Importer Fixing VCID-ng6k-ru7r-9kdp https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.771264+00:00 Debian Importer Affected by VCID-zx65-nc6s-8yf9 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.737789+00:00 Debian Importer Fixing VCID-9jj4-5uem-kkbs https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.680533+00:00 Debian Importer Fixing VCID-bfu8-pr4x-guek https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.636694+00:00 Debian Importer Fixing VCID-rqt5-xvxx-47h6 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.587062+00:00 Debian Importer Fixing VCID-ba35-1hmw-m3hg https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.540120+00:00 Debian Importer Fixing VCID-9cm4-mu3q-2yey https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.497920+00:00 Debian Importer Fixing VCID-qapz-hmnm-x7dd https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.455074+00:00 Debian Importer Fixing VCID-xcyv-byj5-8fb3 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.414149+00:00 Debian Importer Fixing VCID-5tpu-zawb-f3as https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.370874+00:00 Debian Importer Fixing VCID-nfzs-w4pe-bubj https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.322747+00:00 Debian Importer Fixing VCID-3jt3-2y11-yuc5 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.275030+00:00 Debian Importer Fixing VCID-4fcw-qdwc-4ycd https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.231435+00:00 Debian Importer Fixing VCID-mhw6-1d6f-pbcp https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.181229+00:00 Debian Importer Fixing VCID-zytz-gsnc-yqh9 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.131034+00:00 Debian Importer Fixing VCID-vmyv-5rvk-akh3 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.079923+00:00 Debian Importer Fixing VCID-st4p-dn2v-dbg3 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.029012+00:00 Debian Importer Fixing VCID-n34c-87th-d7gz https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.983982+00:00 Debian Importer Fixing VCID-e1yx-b7wn-83af https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.936119+00:00 Debian Importer Fixing VCID-3vdu-cchd-ekcp https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.890523+00:00 Debian Importer Fixing VCID-c2pw-ysyx-q7an https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.840743+00:00 Debian Importer Fixing VCID-y6zm-whbe-gfg4 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.793800+00:00 Debian Importer Fixing VCID-xgfe-d1s6-eufu https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.749374+00:00 Debian Importer Fixing VCID-4jxu-65cg-gbag https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.702227+00:00 Debian Importer Fixing VCID-j4gx-2342-mkdv https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.661791+00:00 Debian Importer Fixing VCID-bwr1-kgn5-27f7 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.618478+00:00 Debian Importer Fixing VCID-qeqa-7wwa-6qdn https://security-tracker.debian.org/tracker/data/json 38.1.0