Skip to main content

Gpgme

2 CVEs product

Monthly

CVE-2020-8945 Go HIGH POC PATCH This Week

The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Use After Free Memory Corruption Docker RCE Gpgme +8
NVD GitHub
CVSS 3.1
7.5
EPSS
5.1%
CVE-2014-3564 MEDIUM PATCH This Month

Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Denial Of Service RCE Buffer Overflow Gpgme Ubuntu Linux +1
NVD
CVSS 2.0
6.8
EPSS
2.8%
EPSS 5% CVSS 7.5
HIGH POC PATCH This Week

The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Use After Free Memory Corruption Docker +10
NVD GitHub
EPSS 3% CVSS 6.8
MEDIUM PATCH This Month

Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Denial Of Service RCE Buffer Overflow +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy