Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u2?distro=trixie
Next non-vulnerable version 2.2.46-5
Latest non-vulnerable version 2.4.8-5
Risk 1.2
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-zx65-nc6s-8yf9
Aliases:
CVE-2025-30258
gnupg: verification DoS due to a malicious subkey in the keyring
2.2.46-5
Affected by 0 other vulnerabilities.
2.4.7-21+deb13u1
Affected by 1 other vulnerability.
2.4.9-4
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (29)
Vulnerability Summary Aliases
VCID-3jt3-2y11-yuc5 security update CVE-2015-1606
VCID-3vdu-cchd-ekcp gnupg/gpgme signed message spoofing CVE-2007-1263
VCID-4fcw-qdwc-4ycd security update CVE-2014-9087
VCID-4jxu-65cg-gbag security flaw CVE-2006-3082
VCID-5tpu-zawb-f3as Due to a design flaw, the output of GnuPG's Random Number Generator (RNG) is predictable. CVE-2016-6313
VCID-79fy-gfr6-zkgq GnuPG: GnuPG: Stack-based buffer overflow in tpm2daemon allows arbitrary code execution CVE-2026-24882
VCID-9cm4-mu3q-2yey security update CVE-2018-12020
VCID-9jj4-5uem-kkbs Multiple vulnerabilities have been discovered in GnuPG, the worst of which could lead to signature spoofing. CVE-2022-34903
VCID-ba35-1hmw-m3hg GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys CVE-2018-9234
VCID-bfu8-pr4x-guek gnupg: AEAD preference list overflow CVE-2020-25125
VCID-bwr1-kgn5-27f7 GnuPG may erroneously report a modified or unsigned message has a valid digital signature. CVE-2006-0049
VCID-c2pw-ysyx-q7an GnuPG is vulnerable to a buffer overflow and an erroneous function pointer dereference that can result in the execution of arbitrary code. CVE-2006-6235
VCID-e1yx-b7wn-83af gnupg NULL pointer dereference CVE-2008-1530
VCID-j4gx-2342-mkdv Applications relying on GnuPG to authenticate digital signatures may incorrectly believe a signature has been verified. CVE-2006-0455
VCID-k6h1-5v39-jfeb GnuPG: GnuPG: Remote code execution and denial of service via crafted CMS EnvelopedData message CVE-2026-24881
VCID-mhw6-1d6f-pbcp A vulnerability in GnuPG can lead to a Denial of Service condition. CVE-2014-4617
VCID-n34c-87th-d7gz The GPGSM utility included in GnuPG contains a use-after-free vulnerability that may allow an unauthenticated remote attacker to execute arbitrary code. CVE-2010-2547
VCID-nfzs-w4pe-bubj gnupg2: memcpy with overlapping ranges (keybox_search.c) CVE-2015-1607
VCID-ng6k-ru7r-9kdp GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write CVE-2025-68973
VCID-qapz-hmnm-x7dd gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service CVE-2018-1000858
VCID-qeqa-7wwa-6qdn The send_pinentry_environment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail. CVE-2005-2023
VCID-rqt5-xvxx-47h6 gnupg2: OpenPGP Key Certification Forgeries with SHA-1 CVE-2019-14855
VCID-sbp2-xwuf-wbgc GnuPG: GnuPG: Denial of service due to specially crafted signature packet CVE-2026-24883
VCID-st4p-dn2v-dbg3 Multiple vulnerabilities have been discovered in GnuPG and Libgcrypt, which may result in execution of arbitrary code, Denial of Service, or the disclosure of private keys. CVE-2012-6085
VCID-vmyv-5rvk-akh3 Multiple vulnerabilities have been discovered in GnuPG and Libgcrypt, which may result in execution of arbitrary code, Denial of Service, or the disclosure of private keys. CVE-2013-4351
VCID-xcyv-byj5-8fb3 security update CVE-2017-7526
VCID-xgfe-d1s6-eufu GnuPG is vulnerable to an integer overflow that could lead to the execution of arbitrary code. CVE-2006-3746
VCID-y6zm-whbe-gfg4 GnuPG is vulnerable to a buffer overflow and an erroneous function pointer dereference that can result in the execution of arbitrary code. CVE-2006-6169
VCID-zytz-gsnc-yqh9 Multiple vulnerabilities have been discovered in GnuPG and Libgcrypt, which may result in execution of arbitrary code, Denial of Service, or the disclosure of private keys. CVE-2013-4402

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T13:27:23.033756+00:00 Debian Importer Fixing VCID-n34c-87th-d7gz https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:58:11.805963+00:00 Debian Importer Fixing VCID-qapz-hmnm-x7dd https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:46:29.204748+00:00 Debian Importer Fixing VCID-9cm4-mu3q-2yey https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:37:41.823794+00:00 Debian Importer Fixing VCID-nfzs-w4pe-bubj https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:32:19.668919+00:00 Debian Importer Fixing VCID-bfu8-pr4x-guek https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:29:07.644969+00:00 Debian Importer Fixing VCID-rqt5-xvxx-47h6 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:22:18.338076+00:00 Debian Importer Fixing VCID-xcyv-byj5-8fb3 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:13:17.172956+00:00 Debian Importer Fixing VCID-sbp2-xwuf-wbgc https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:57:09.871925+00:00 Debian Importer Fixing VCID-c2pw-ysyx-q7an https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:41:52.054380+00:00 Debian Importer Fixing VCID-j4gx-2342-mkdv https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:34:23.094223+00:00 Debian Importer Fixing VCID-e1yx-b7wn-83af https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:32:01.693042+00:00 Debian Importer Fixing VCID-5tpu-zawb-f3as https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:20:49.791700+00:00 Debian Importer Fixing VCID-ng6k-ru7r-9kdp https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:19:53.878619+00:00 Debian Importer Fixing VCID-vmyv-5rvk-akh3 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:54:59.240033+00:00 Debian Importer Fixing VCID-ba35-1hmw-m3hg https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:32:01.927975+00:00 Debian Importer Fixing VCID-xgfe-d1s6-eufu https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:23:05.944759+00:00 Debian Importer Fixing VCID-mhw6-1d6f-pbcp https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:23:04.994821+00:00 Debian Importer Fixing VCID-qeqa-7wwa-6qdn https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:13:30.894714+00:00 Debian Importer Fixing VCID-9jj4-5uem-kkbs https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:11:59.177737+00:00 Debian Importer Fixing VCID-4jxu-65cg-gbag https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:59:47.665526+00:00 Debian Importer Fixing VCID-k6h1-5v39-jfeb https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:37:33.503307+00:00 Debian Importer Fixing VCID-bwr1-kgn5-27f7 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:33:42.832094+00:00 Debian Importer Fixing VCID-y6zm-whbe-gfg4 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:28:13.858950+00:00 Debian Importer Fixing VCID-3jt3-2y11-yuc5 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:21:31.053025+00:00 Debian Importer Fixing VCID-st4p-dn2v-dbg3 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:14:23.488684+00:00 Debian Importer Fixing VCID-4fcw-qdwc-4ycd https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:14:15.731013+00:00 Debian Importer Fixing VCID-zytz-gsnc-yqh9 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:48:01.659288+00:00 Debian Importer Fixing VCID-3vdu-cchd-ekcp https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T09:17:06.456770+00:00 Debian Importer Fixing VCID-n34c-87th-d7gz https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:54:34.209092+00:00 Debian Importer Fixing VCID-qapz-hmnm-x7dd https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:45:41.682102+00:00 Debian Importer Fixing VCID-9cm4-mu3q-2yey https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:39:08.355894+00:00 Debian Importer Fixing VCID-nfzs-w4pe-bubj https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:35:12.243130+00:00 Debian Importer Fixing VCID-bfu8-pr4x-guek https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:32:54.106069+00:00 Debian Importer Fixing VCID-rqt5-xvxx-47h6 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:27:51.514977+00:00 Debian Importer Fixing VCID-xcyv-byj5-8fb3 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:21:36.094387+00:00 Debian Importer Fixing VCID-sbp2-xwuf-wbgc https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:09:33.863146+00:00 Debian Importer Fixing VCID-c2pw-ysyx-q7an https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:58:15.638734+00:00 Debian Importer Fixing VCID-j4gx-2342-mkdv https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:53:22.853338+00:00 Debian Importer Fixing VCID-e1yx-b7wn-83af https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:51:40.866614+00:00 Debian Importer Fixing VCID-5tpu-zawb-f3as https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:43:27.348987+00:00 Debian Importer Fixing VCID-ng6k-ru7r-9kdp https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:42:43.135810+00:00 Debian Importer Fixing VCID-vmyv-5rvk-akh3 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:23:58.162891+00:00 Debian Importer Fixing VCID-ba35-1hmw-m3hg https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:06:38.475452+00:00 Debian Importer Fixing VCID-xgfe-d1s6-eufu https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:59:50.965387+00:00 Debian Importer Fixing VCID-mhw6-1d6f-pbcp https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:59:50.073443+00:00 Debian Importer Fixing VCID-qeqa-7wwa-6qdn https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:52:29.437602+00:00 Debian Importer Fixing VCID-9jj4-5uem-kkbs https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:51:20.417526+00:00 Debian Importer Fixing VCID-4jxu-65cg-gbag https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:41:58.983701+00:00 Debian Importer Fixing VCID-k6h1-5v39-jfeb https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:24:28.197081+00:00 Debian Importer Fixing VCID-bwr1-kgn5-27f7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:22:21.287028+00:00 Debian Importer Fixing VCID-y6zm-whbe-gfg4 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:18:56.955066+00:00 Debian Importer Fixing VCID-3jt3-2y11-yuc5 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:15:02.887164+00:00 Debian Importer Fixing VCID-st4p-dn2v-dbg3 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:10:45.900615+00:00 Debian Importer Fixing VCID-4fcw-qdwc-4ycd https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:10:40.640017+00:00 Debian Importer Fixing VCID-zytz-gsnc-yqh9 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:54:46.223811+00:00 Debian Importer Fixing VCID-3vdu-cchd-ekcp https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:25:31.990597+00:00 Debian Importer Fixing VCID-sbp2-xwuf-wbgc https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.948212+00:00 Debian Importer Fixing VCID-79fy-gfr6-zkgq https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.894844+00:00 Debian Importer Fixing VCID-k6h1-5v39-jfeb https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.837455+00:00 Debian Importer Fixing VCID-ng6k-ru7r-9kdp https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.775278+00:00 Debian Importer Affected by VCID-zx65-nc6s-8yf9 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.720511+00:00 Debian Importer Fixing VCID-9jj4-5uem-kkbs https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.666794+00:00 Debian Importer Fixing VCID-bfu8-pr4x-guek https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.619605+00:00 Debian Importer Fixing VCID-rqt5-xvxx-47h6 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.569957+00:00 Debian Importer Fixing VCID-ba35-1hmw-m3hg https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.525456+00:00 Debian Importer Fixing VCID-9cm4-mu3q-2yey https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.482826+00:00 Debian Importer Fixing VCID-qapz-hmnm-x7dd https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.441475+00:00 Debian Importer Fixing VCID-xcyv-byj5-8fb3 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.400627+00:00 Debian Importer Fixing VCID-5tpu-zawb-f3as https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.354831+00:00 Debian Importer Fixing VCID-nfzs-w4pe-bubj https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.305300+00:00 Debian Importer Fixing VCID-3jt3-2y11-yuc5 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.261466+00:00 Debian Importer Fixing VCID-4fcw-qdwc-4ycd https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.214226+00:00 Debian Importer Fixing VCID-mhw6-1d6f-pbcp https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.164701+00:00 Debian Importer Fixing VCID-zytz-gsnc-yqh9 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.113367+00:00 Debian Importer Fixing VCID-vmyv-5rvk-akh3 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.062342+00:00 Debian Importer Fixing VCID-st4p-dn2v-dbg3 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:31.014308+00:00 Debian Importer Fixing VCID-n34c-87th-d7gz https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.966406+00:00 Debian Importer Fixing VCID-e1yx-b7wn-83af https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.921630+00:00 Debian Importer Fixing VCID-3vdu-cchd-ekcp https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.873471+00:00 Debian Importer Fixing VCID-c2pw-ysyx-q7an https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.823613+00:00 Debian Importer Fixing VCID-y6zm-whbe-gfg4 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.779316+00:00 Debian Importer Fixing VCID-xgfe-d1s6-eufu https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.732369+00:00 Debian Importer Fixing VCID-4jxu-65cg-gbag https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.688844+00:00 Debian Importer Fixing VCID-j4gx-2342-mkdv https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.647384+00:00 Debian Importer Fixing VCID-bwr1-kgn5-27f7 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:30.603041+00:00 Debian Importer Fixing VCID-qeqa-7wwa-6qdn https://security-tracker.debian.org/tracker/data/json 38.1.0