GNU : Security Vulnerabilities, CVEs, Published In March 2006
The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library email module 2.5, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two blank lines between the first boundary and the end boundary.
Max CVSS
5.0
EPSS Score
12.38%
Published
2006-03-31
Updated
2018-10-03
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455.
Max CVSS
5.0
EPSS Score
0.60%
Published
2006-03-13
Updated
2018-10-19
2 vulnerabilities found