Sks Keyserver Project » Sks Keyserver : Security Vulnerabilities, CVEs,

CVE-2019-13050

Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.
Max CVSS
7.5
EPSS Score
1.04%
Published
2019-06-29
Updated
2021-06-29

CVE-2014-3207

Cross-site scripting (XSS) vulnerability in wserver.ml in SKS Keyserver before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to pks/lookup/undefined1.
Max CVSS
4.3
EPSS Score
0.29%
Published
2014-05-08
Updated
2014-05-09
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close