Total vulnerabilities in the database
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.
| Software | From | Fixed in |
|---|---|---|
| gnupg / gnupg | - | 2.2.16.x |
| sks_keyserver_project / sks_keyserver | - | 1.2.0.x |
| fedoraproject / fedora | 29 | 29.x |
| fedoraproject / fedora | 30 | 30.x |
| opensuse / leap | 15.0 | 15.0.x |
| opensuse / leap | 15.1 | 15.1.x |
| f5 / traffix_signaling_delivery_controller | 5.0.0 | 5.1.0.x |