gpg2 (SUSE:Linux Enterprise Server 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12 SP5 package gpg2, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2018-9234 — CVSS 7.5 (high): GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in…
CVE-2022-34903 — CVSS 6.5 (medium): GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other…