CVE-2001-0072 in GnuPGinformazioni

Riassunto

di MITRE

gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Divulgazione

12/02/2001

Moderazione

accettato

Voce

VDB-16406

CPE

pronto

CWE

CWE-269 (confermato)

CVSS

5.0 (NVD)

EPSS

0.01969

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2001-0072
NVD	https://nvd.nist.gov/vuln/detail/CVE-2001-0072
CVE Details	https://www.cvedetails.com/cve/CVE-2001-0072/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!