Vulnerabilities (CVE)

Filtered by vendor Gpgme Project Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-8945 3 Fedoraproject, Gpgme Project, Redhat 10 Fedora, Gpgme, Enterprise Linux and 7 more 2024-11-21 5.1 MEDIUM 7.5 HIGH
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.