exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

CVE-2022-34903

Status Candidate

Overview

GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.

Related Files

Gentoo Linux Security Advisory 202408-23
Posted Aug 12, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202408-23 - Multiple vulnerabilities have been discovered in GnuPG, the worst of which could lead to signature spoofing. Versions greater than or equal to 2.4.4 are affected.

tags | advisory, spoof, vulnerability
systems | linux, gentoo
advisories | CVE-2022-34903
SHA-256 | f197a26beaa903161483172a07af23680ada9325f5443fb0df06e4827c5d2d63
Red Hat Security Advisory 2023-4290-01
Posted Jul 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4290-01 - OpenShift sandboxed containers 1.4.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-24736, CVE-2021-46848, CVE-2022-1271, CVE-2022-1304, CVE-2022-2509, CVE-2022-28805, CVE-2022-34903, CVE-2022-35737, CVE-2022-36227, CVE-2022-3715, CVE-2022-40303, CVE-2022-40304, CVE-2022-47629, CVE-2023-0464
SHA-256 | 1e2b8ec0277e95d223b5e93c67cebd05ba8613dd04c6a60f215d9837febfb0b2
Red Hat Security Advisory 2023-0786-01
Posted Feb 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0786-01 - Network observability is an OpenShift operator that provides a monitoring pipeline to collect and enrich network flows that are produced by the Network observability eBPF agent. The operator provides dashboards, metrics, and keeps flows accessible in a queryable log store, Grafana Loki. When a FlowCollector is deployed, new dashboards are available in the Console.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-46848, CVE-2022-1271, CVE-2022-1304, CVE-2022-2509, CVE-2022-33099, CVE-2022-34903, CVE-2022-3515, CVE-2022-35737, CVE-2022-3602, CVE-2022-3715, CVE-2022-3786, CVE-2022-3821, CVE-2022-40303, CVE-2022-40304
SHA-256 | 013e0d112d12163306ab5fd48c064c86a91e50c0e5cba35318befef6de74f4c3
Red Hat Security Advisory 2022-8634-01
Posted Nov 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8634-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-35525, CVE-2020-35527, CVE-2022-2509, CVE-2022-27191, CVE-2022-27664, CVE-2022-30632, CVE-2022-30635, CVE-2022-32190, CVE-2022-34903, CVE-2022-3515, CVE-2022-37434, CVE-2022-40674
SHA-256 | b40d2005f66e612c1aaffbf22521c13291a21987948b24580c002a869de0af41
Red Hat Security Advisory 2022-7276-01
Posted Nov 2, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-35525, CVE-2020-35527, CVE-2022-0494, CVE-2022-1353, CVE-2022-2238, CVE-2022-23816, CVE-2022-23825, CVE-2022-2509, CVE-2022-25858, CVE-2022-2588, CVE-2022-29900, CVE-2022-29901, CVE-2022-31129, CVE-2022-34903
SHA-256 | 7ac9e1c7f562a5f00c685c3f4a883358404bdb691f54031e1c202dfc1880d591
Red Hat Security Advisory 2022-7261-01
Posted Oct 31, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7261-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-21698, CVE-2022-34903, CVE-2022-40674
SHA-256 | c7154b769aa8f770385e0062b01dadddba7912b1c640e1d7b6bb390748f4dcca
Red Hat Security Advisory 2022-6954-01
Posted Oct 17, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6954-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.3 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix security issues and several bugs. Issues addressed include denial of service and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2015-20107, CVE-2022-0391, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-2238, CVE-2022-34903
SHA-256 | fda3772db47bbb97412abbca356027a1b9d45258ea5b87563a25fd016a40589a
Red Hat Security Advisory 2022-6560-01
Posted Sep 26, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6560-01 - An update is now available for OpenShift Logging 5.3.12 Red Hat Product Security has rated this update as having a security impact of Moderate.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-20107, CVE-2022-0391, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-29154, CVE-2022-30631, CVE-2022-32206, CVE-2022-32208, CVE-2022-34903
SHA-256 | d134f436fdff639de70a03b7b3975885bf861fbed06c5479cdbcb07453bd6f5d
Red Hat Security Advisory 2022-6536-01
Posted Sep 22, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6536-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.5.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-20107, CVE-2021-3121, CVE-2022-0391, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-28199, CVE-2022-30629, CVE-2022-34903
SHA-256 | 0c76c344a24ad9f294e5e60b3ecf6b5cbee617962cc0ff63f7cf784cc0666fc0
Red Hat Security Advisory 2022-6602-01
Posted Sep 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6602-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2022-34903
SHA-256 | 2f546cc594b27d7692d6b7e1da82b366f4536c484e2ff30f9db69967735005e9
Red Hat Security Advisory 2022-6537-01
Posted Sep 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6537-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.5. Issues addressed include denial of service and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2015-20107, CVE-2021-38561, CVE-2022-0391, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-21698, CVE-2022-34903
SHA-256 | 735b783c45f9b58ea138e108a34335ff5637f28e24d124171612b58ece201b35
Red Hat Security Advisory 2022-6463-01
Posted Sep 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6463-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2022-34903
SHA-256 | eb47351379cabbe9cec3103f6e9aa7072ef2a28cbcc12b29cd3b2715ed656cdb
Debian Security Advisory 5174-1
Posted Jul 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5174-1 - Demi Marie Obenour discovered a flaw in GnuPG, allowing for signature spoofing via arbitrary injection into the status line. An attacker who controls the secret part of any signing-capable key or subkey in the victim's keyring, can take advantage of this flaw to provide a correctly-formed signature that some software, including gpgme, will accept to have validity and signer fingerprint chosen from the attacker.

tags | advisory, arbitrary, spoof
systems | linux, debian
advisories | CVE-2022-34903
SHA-256 | 89f6d8dfcac1cf3a4ab190ba4ee8e6c398f5fddf47e866d5434dd8576de85315
Ubuntu Security Notice USN-5503-2
Posted Jul 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5503-2 - USN-5503-1 fixed a vulnerability in GnuPG. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Demi Marie Obenour discovered that GnuPG incorrectly handled injection in the status message. A remote attacker could possibly use this issue to forge signatures.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2022-34903
SHA-256 | dc29d20626455436a85b7247c791c723d2100807e80e14b0927a4ed592152107
Ubuntu Security Notice USN-5503-1
Posted Jul 6, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5503-1 - Demi Marie Obenour discovered that GnuPG incorrectly handled injection in the status message. A remote attacker could possibly use this issue to forge signatures.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2022-34903
SHA-256 | 0b69d827a44a79e269df3e86d3912b4f936dff6c6042fcd9d52ca24d9c84dfd5
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close