VulnerableCode Package Details - pkg:ebuild/app-crypt/gnupg@2.4.4

Search for packages

Package details: pkg:ebuild/app-crypt/gnupg@2.4.4

Essentials
History (3)

purl	pkg:ebuild/app-crypt/gnupg@2.4.4

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-ey5p-3qp3-aaam	GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.	CVE-2022-34903

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T13:04:44.366060+00:00	Gentoo Importer	Fixing	VCID-ey5p-3qp3-aaam	https://security.gentoo.org/glsa/202408-23	36.0.0
2024-09-18T07:58:52.056742+00:00	Gentoo Importer	Fixing	VCID-ey5p-3qp3-aaam	https://security.gentoo.org/glsa/202408-23	34.0.1
2024-08-10T09:18:58.415485+00:00	Gentoo Importer	Fixing	VCID-ey5p-3qp3-aaam	https://security.gentoo.org/glsa/202408-23	34.0.0rc4