CVE-2022-3219

Updated: 2023-11-27 23:29:23.75292

Description:

GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x LOW 3.3

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU gnupg2 2.3.3 3.3 LOW Ignored 2023-12-01 03:18:54
CentOS 6 ELS gnupg2 2.0.14 3.3 LOW Ignored 2023-12-01 03:18:52
CentOS 7 ELS gnupg2 2.0.22 3.3 LOW Ignored 2023-12-01 03:18:54
CentOS 8.4 ELS gnupg2 2.2.20 3.3 LOW Ignored 2023-12-01 03:18:54
CentOS 8.5 ELS gnupg2 2.2.20 3.3 LOW Ignored 2023-12-01 03:18:51
CloudLinux 6 ELS gnupg2 2.0.14 3.3 LOW Ignored 2023-12-01 03:18:52
Oracle Linux 6 ELS gnupg2 2.0.14 3.3 LOW Ignored 2023-12-01 03:18:54
Ubuntu 16.04 ELS gnupg2 2.1.11-6 3.3 LOW Ignored 2023-12-01 03:18:51
Ubuntu 16.04 ELS gnupg 1.4.20 3.3 LOW Ignored 2023-12-01 03:18:55
Ubuntu 18.04 ELS gnupg2 2.2.4-1 3.3 LOW Ignored 2023-12-01 03:18:54