Filtered by vendor Gpgme Project
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-8945 | 3 Fedoraproject, Gpgme Project, Redhat | 10 Fedora, Gpgme, Enterprise Linux and 7 more | 2022-10-18 | 5.1 MEDIUM | 7.5 HIGH |
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification. |