VulnerableCode Package Details - pkg:deb/debian/gnupg2@2.2.27-2%2Bdeb11u2

Search for packages

Vulnerability	Summary	Fixed by
VCID-ng6k-ru7r-9kdp Aliases: CVE-2025-68973	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write	2.2.40-1.1+deb12u2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-zx65-nc6s-8yf9 Aliases: CVE-2025-30258	gnupg: verification DoS due to a malicious subkey in the keyring	2.4.7-21+deb13u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-ng6k-ru7r-9kdp
Aliases:
CVE-2025-68973

GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write

2.2.40-1.1+deb12u2
Affected by 1 other vulnerability.

VCID-zx65-nc6s-8yf9
Aliases:
CVE-2025-30258

gnupg: verification DoS due to a malicious subkey in the keyring

2.4.7-21+deb13u1
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
VCID-9jj4-5uem-kkbs	Multiple vulnerabilities have been discovered in GnuPG, the worst of which could lead to signature spoofing.	CVE-2022-34903
VCID-rqt5-xvxx-47h6	gnupg2: OpenPGP Key Certification Forgeries with SHA-1	CVE-2019-14855

Vulnerability

Summary

Aliases

VCID-9jj4-5uem-kkbs

Multiple vulnerabilities have been discovered in GnuPG, the worst of which could lead to signature spoofing.

CVE-2022-34903

VCID-rqt5-xvxx-47h6

gnupg2: OpenPGP Key Certification Forgeries with SHA-1

CVE-2019-14855

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T11:14:22.473569+00:00	Debian Importer	Affected by	VCID-zx65-nc6s-8yf9	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-15T23:33:51.876288+00:00	Debian Oval Importer	Fixing	VCID-rqt5-xvxx-47h6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:37:52.272039+00:00	Debian Oval Importer	Fixing	VCID-9jj4-5uem-kkbs	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:12:37.979055+00:00	Debian Oval Importer	Affected by	VCID-ng6k-ru7r-9kdp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-13T07:38:35.091519+00:00	Debian Importer	Affected by	VCID-zx65-nc6s-8yf9	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T23:08:54.872463+00:00	Debian Oval Importer	Fixing	VCID-rqt5-xvxx-47h6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:24:05.085246+00:00	Debian Oval Importer	Fixing	VCID-9jj4-5uem-kkbs	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:59:15.010605+00:00	Debian Oval Importer	Affected by	VCID-ng6k-ru7r-9kdp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T22:42:36.602126+00:00	Debian Oval Importer	Fixing	VCID-rqt5-xvxx-47h6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:04:44.147580+00:00	Debian Importer	Affected by	VCID-zx65-nc6s-8yf9	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T17:12:18.152988+00:00	Debian Oval Importer	Fixing	VCID-9jj4-5uem-kkbs	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:48:46.336999+00:00	Debian Oval Importer	Affected by	VCID-ng6k-ru7r-9kdp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0