VulnerableCode Package Details - pkg:deb/ubuntu/gnupg2@2.2.19-3ubuntu1

Search for packages

Package details: pkg:deb/ubuntu/gnupg2@2.2.19-3ubuntu1

Essentials
History (0)

purl	pkg:deb/ubuntu/gnupg2@2.2.19-3ubuntu1

Next non-vulnerable version	2.2.19-3ubuntu2
Latest non-vulnerable version	2.2.19-3ubuntu2
Risk	3.4

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-m3q4-wftu-aaaa Aliases: CVE-2019-14855	A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.	2.2.19-3ubuntu2 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-2c8m-9dgp-aaae	CVE-2019-13050 GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack which leads to persistent DoS	CVE-2019-13050

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version