Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u2
purl pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u2
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 1.2
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-zx65-nc6s-8yf9
Aliases:
CVE-2025-30258
gnupg: verification DoS due to a malicious subkey in the keyring
2.4.7-21+deb13u1
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-ng6k-ru7r-9kdp GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write CVE-2025-68973

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T11:14:22.477436+00:00 Debian Importer Affected by VCID-zx65-nc6s-8yf9 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-15T17:12:37.982020+00:00 Debian Oval Importer Fixing VCID-ng6k-ru7r-9kdp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-13T07:38:35.095274+00:00 Debian Importer Affected by VCID-zx65-nc6s-8yf9 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T16:59:15.018280+00:00 Debian Oval Importer Fixing VCID-ng6k-ru7r-9kdp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T19:04:44.152065+00:00 Debian Importer Affected by VCID-zx65-nc6s-8yf9 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-08T16:48:46.342328+00:00 Debian Oval Importer Fixing VCID-ng6k-ru7r-9kdp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0