VulnerableCode Package Details - pkg:ebuild/app-crypt/gnupg@2.0

Search for packages

Package details: pkg:ebuild/app-crypt/gnupg@2.0

Essentials
History (3)

purl	pkg:ebuild/app-crypt/gnupg@2.0

Next non-vulnerable version	2.0.16-r1
Latest non-vulnerable version	2.4.4
Risk	3.6

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-7kuc-9ej4-aaab Aliases: CVE-2010-2547	Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc operation when importing the certificate or verifying its signature.	2.0.16-r1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T12:46:11.682070+00:00	Gentoo Importer	Affected by	VCID-7kuc-9ej4-aaab	https://security.gentoo.org/glsa/201110-15	36.0.0
2024-09-18T07:40:56.085046+00:00	Gentoo Importer	Affected by	VCID-7kuc-9ej4-aaab	https://security.gentoo.org/glsa/201110-15	34.0.1
2024-01-04T01:46:48.049460+00:00	Gentoo Importer	Affected by	VCID-7kuc-9ej4-aaab	https://security.gentoo.org/glsa/201110-15	34.0.0rc1