VulnerableCode Package Details - pkg:deb/debian/gnupg2@2.2.40-1.1

Search for packages

Package details: pkg:deb/debian/gnupg2@2.2.40-1.1

purl	pkg:deb/debian/gnupg2@2.2.40-1.1

Next non-vulnerable version	2.2.40-1.1+deb12u1
Latest non-vulnerable version	2.4.7-17
Risk	1.2

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-jv84-26c2-5fdx Aliases: CVE-2025-30258	gnupg: verification DoS due to a malicious subkey in the keyring	2.2.40-1.1+deb12u1 Affected by 0 other vulnerabilities. 2.2.45-2 Affected by 0 other vulnerabilities. 2.4.7-17 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-jv84-26c2-5fdx
Aliases:
CVE-2025-30258

gnupg: verification DoS due to a malicious subkey in the keyring

2.2.40-1.1+deb12u1
Affected by 0 other vulnerabilities.

2.2.45-2
Affected by 0 other vulnerabilities.

2.4.7-17
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-21T09:14:08.753825+00:00	Debian Importer	Affected by	VCID-jv84-26c2-5fdx	https://security-tracker.debian.org/tracker/data/json	36.1.3
2025-04-05T19:50:13.425842+00:00	Debian Importer	Affected by	VCID-jv84-26c2-5fdx	https://security-tracker.debian.org/tracker/data/json	36.0.0