« List of all CVEs

CVE-2014-4617

Published: 6/25/2014 Last updated: 8/6/2024 Reserved: 6/24/2014

The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

0install

Products affected (1)

Product Vendor Version
n/a n/a WSA8815

References (26)