Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2001-0072

gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust.

  • Published: Feb 12, 2001
  • Updated: Apr 13, 2023
  • CVE: CVE-2001-0072
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
gnu / privacy_guard 1.0.3 1.0.3.x
gnu / privacy_guard 1.0 1.0.x
gnu / privacy_guard 1.0.2 1.0.2.x
gnu / privacy_guard 1.0.1 1.0.1.x
gnu / privacy_guard 1.0.3b 1.0.3b.x