VulnerableCode Package Details - pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u1

Search for packages

Package details: pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u1

Essentials
History (1)

purl	pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-mw2w-gzpr-cbcq	In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."	CVE-2025-30258

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T13:22:29.460247+00:00	Debian Importer	Fixing	VCID-mw2w-gzpr-cbcq	https://security-tracker.debian.org/tracker/data/json	37.0.0