Skip to main content

Signing Party

1 CVEs product

Monthly

CVE-2019-11627 CRITICAL POC Act Now

gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling shell injection via a User ID. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Signing Party Debian Linux Leap
NVD
CVSS 3.1
9.8
EPSS
2.8%
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling shell injection via a User ID. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Signing Party Debian Linux +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy