VulnerableCode Package Details - pkg:deb/debian/gpgme1.0@1.0.2-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-2smz-f6ba-aaak Aliases: CVE-2014-3564	Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "different line lengths in a specific order."	1.2.0-1.4+deb7u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.5.1-6 Affected by 0 other vulnerabilities.
VCID-wavx-g6yn-aaak Aliases: CVE-2007-1263	GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection.	1.1.2-5 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-2smz-f6ba-aaak
Aliases:
CVE-2014-3564

Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "different line lengths in a specific order."

1.2.0-1.4+deb7u1
Affected by 1 other vulnerability.

1.5.1-6
Affected by 0 other vulnerabilities.

VCID-wavx-g6yn-aaak
Aliases:
CVE-2007-1263

GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection.

1.1.2-5
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-21T15:21:45.445495+00:00	Debian Oval Importer	Affected by	VCID-wavx-g6yn-aaak	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-21T11:54:41.033513+00:00	Debian Oval Importer	Affected by	VCID-2smz-f6ba-aaak	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-21T09:27:46.985881+00:00	Debian Oval Importer	Affected by	VCID-2smz-f6ba-aaak	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.3
2025-06-20T21:10:53.225537+00:00	Debian Oval Importer	Affected by	VCID-wavx-g6yn-aaak	None	36.1.3
2025-06-20T19:29:56.601952+00:00	Debian Oval Importer	Affected by	VCID-2smz-f6ba-aaak	None	36.1.3
2025-06-08T12:46:45.260630+00:00	Debian Oval Importer	Affected by	VCID-2smz-f6ba-aaak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.0
2025-06-08T08:16:02.164167+00:00	Debian Oval Importer	Affected by	VCID-wavx-g6yn-aaak	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-08T05:06:48.062030+00:00	Debian Oval Importer	Affected by	VCID-2smz-f6ba-aaak	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-08T03:15:57.783762+00:00	Debian Oval Importer	Affected by	VCID-2smz-f6ba-aaak	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.0
2025-06-07T14:35:55.658728+00:00	Debian Oval Importer	Affected by	VCID-wavx-g6yn-aaak	None	36.1.0
2025-06-07T13:26:51.783116+00:00	Debian Oval Importer	Affected by	VCID-2smz-f6ba-aaak	None	36.1.0
2025-06-03T13:26:07.989038+00:00	Debian Oval Importer	Affected by	VCID-2smz-f6ba-aaak	None	36.1.2
2025-04-12T19:48:22.692810+00:00	Debian Oval Importer	Affected by	VCID-wavx-g6yn-aaak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T18:33:39.581940+00:00	Debian Oval Importer	Affected by	VCID-2smz-f6ba-aaak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-08T06:47:36.627411+00:00	Debian Oval Importer	Affected by	VCID-wavx-g6yn-aaak	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-08T03:37:43.664368+00:00	Debian Oval Importer	Affected by	VCID-2smz-f6ba-aaak	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-08T01:43:22.344568+00:00	Debian Oval Importer	Affected by	VCID-2smz-f6ba-aaak	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.0.0
2025-04-07T13:08:02.592828+00:00	Debian Oval Importer	Affected by	VCID-wavx-g6yn-aaak	None	36.0.0
2025-04-07T12:02:23.346569+00:00	Debian Oval Importer	Affected by	VCID-2smz-f6ba-aaak	None	36.0.0
2024-11-26T01:01:54.440188+00:00	Debian Oval Importer	Affected by	VCID-wavx-g6yn-aaak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	35.0.0
2024-10-12T07:26:26.988781+00:00	Debian Oval Importer	Affected by	VCID-wavx-g6yn-aaak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	34.0.2
2024-09-20T13:27:21.187454+00:00	Debian Oval Importer	Affected by	VCID-wavx-g6yn-aaak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	34.0.1