In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:NGnupg
APPGnupg≤ 2.4.8
Related vulnerabilities
A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnera...
In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT co...
In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized wrapped session key...
GnuPG 2.2.21 and 2.2.22 (and Gpg4win 3.1.12) has an array overflow, leading to a crash or possibly unspecified...
A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorit...