gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Privacy_guard | Gnu | 1.0.3 | 1.0.3 |
Privacy_guard | Gnu | 1.0 | 1.0 |
Privacy_guard | Gnu | 1.0.2 | 1.0.2 |
Privacy_guard | Gnu | 1.0.1 | 1.0.1 |
Privacy_guard | Gnu | 1.0.3b | 1.0.3b |