First published: Sun Mar 17 2019(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
pip/python-gnupg | <0.4.4 | 0.4.4 |
Python Python-gnupg | =0.4.3 | |
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
openSUSE Leap | =15.0 | |
Suse Backports | ||
SUSE Linux Enterprise | =15.0 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =18.10 | |
Canonical Ubuntu Linux | =19.04 | |
All of | ||
Suse Backports | ||
SUSE Linux Enterprise | =15.0 | |
debian/python-gnupg | 0.4.6-1 0.4.9-1 0.5.2-2 | |
=0.4.3 | ||
=8.0 | ||
=9.0 | ||
=15.0 | ||
All of | ||
=15.0 | ||
=18.04 | ||
=18.10 | ||
=19.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2019-6690 is high with a CVSS score of 7.5.
The affected software version of CVE-2019-6690 is python-gnupg 0.4.3.
An attacker can exploit CVE-2019-6690 by tricking gnupg to decrypt other ciphertext than intended.
The remedy for CVE-2019-6690 is to upgrade to python-gnupg version 0.4.4 or higher.
CWE-20 is a category of weaknesses related to improper input validation.