VulnerableCode Package Details - pkg:pypi/python-gnupg@0.2.8

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/python-gnupg@0.2.8

Essentials
History (7)

purl	pkg:pypi/python-gnupg@0.2.8

Next non-vulnerable version	0.4.4
Latest non-vulnerable version	0.4.4
Risk	4.4

Vulnerabilities affecting this package (4)

Vulnerability	Summary	Fixed by
VCID-2upe-cwee-bbhg Aliases: PYSEC-2019-45	python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting the affect functionality component.	0.4.4 Affected by 0 other vulnerabilities.
VCID-cjka-q519-e3d2 Aliases: CVE-2013-7323 GHSA-c2fx-8r76-gh36 PYSEC-2014-89	security update	0.3.5 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 0.3.7 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-mp7j-4jbd-z7by Aliases: GHSA-qh62-ch95-63wh	Duplicate Advisory: python-gnupg allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended	0.4.4 Affected by 0 other vulnerabilities.
VCID-wzj6-4gcg-3kgt Aliases: CVE-2014-1928 GHSA-2jc8-4r6g-282j PYSEC-2014-91	security update	0.3.6 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T17:18:46.870623+00:00	GitLab Importer	Affected by	VCID-mp7j-4jbd-z7by	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/python-gnupg/GHSA-qh62-ch95-63wh.yml	38.6.0
2026-06-12T17:06:04.331897+00:00	GitLab Importer	Affected by	VCID-cjka-q519-e3d2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/python-gnupg/CVE-2013-7323.yml	38.6.0
2026-06-12T04:01:10.553089+00:00	Pypa Importer	Affected by	VCID-wzj6-4gcg-3kgt	https://github.com/pypa/advisory-database/blob/main/vulns/python-gnupg/PYSEC-2014-91.yaml	38.6.0
2026-06-12T04:00:54.393649+00:00	Pypa Importer	Affected by	VCID-cjka-q519-e3d2	https://github.com/pypa/advisory-database/blob/main/vulns/python-gnupg/PYSEC-2014-89.yaml	38.6.0
2026-06-11T20:44:18.000029+00:00	PyPI Importer	Affected by	VCID-2upe-cwee-bbhg	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0
2026-06-11T20:42:33.508712+00:00	PyPI Importer	Affected by	VCID-wzj6-4gcg-3kgt	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0
2026-06-11T20:42:17.765815+00:00	PyPI Importer	Affected by	VCID-cjka-q519-e3d2	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0