Lucene search
PRIOn knowledge basePRION:CVE-2020-24972HistoryAug 29, 2020 - 9:15 p.m.
Command injection
2020-08-2921:15:00
PRIOn knowledge base
www.prio-n.com
7
The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary DLL.
References
lists.opensuse.org/opensuse-security-announce/2020-10/msg00053.html
lists.opensuse.org/opensuse-security-announce/2020-10/msg00064.html
dev.gnupg.org/rKLEOPATRAb4bd63c1739900d94c04da03045e9445a5a5f54b
dev.gnupg.org/source/kleo/browse/master/CMakeLists.txt
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IRIPL72WMXTVWS2M7WYV5SNPETYJ2YI7/
security.gentoo.org/glsa/202008-21
Related
fedora
fedora
[SECURITY] Fedora 32 Update: kleopatra-19.12.2-2.fc32
2020-10-19 16:58:59
openvas
openvas
openSUSE: Security Advisory for kleopatra (openSUSE-SU-2020:1723-1)
2020-10-25 00:00:00
Mageia: Security Advisory (MGASA-2020-0425)
2022-01-28 00:00:00
Fedora: Security Advisory for kleopatra (FEDORA-2020-9b441d3153)
2020-10-21 00:00:00
debiancve
debiancve
CVE-2020-24972
2020-08-29 21:15:11
nvd
nvd
CVE-2020-24972
2020-08-29 21:15:11
nessus
nessus
Fedora 32 : kleopatra (2020-9b441d3153)
2020-10-20 00:00:00
GLSA-202008-21 : Kleopatra: Remote code execution
2020-08-31 00:00:00
openSUSE Security Update : kleopatra (openSUSE-2020-1723)
2020-10-26 00:00:00
gentoo
gentoo
Kleopatra: Remote code execution
2020-08-30 00:00:00
ubuntucve
ubuntucve
CVE-2020-24972
2020-08-29 00:00:00
redhatcve
redhatcve
CVE-2020-24972
2022-05-21 00:26:22
cvelist
cvelist
CVE-2020-24972
2020-08-29 20:40:19
cve
cve
CVE-2020-24972
2020-08-29 21:15:11
suse
suse
Security update for kleopatra (moderate)
2020-10-24 00:00:00
Security update for kleopatra (moderate)
2020-10-28 00:00:00
mageia
mageia
Updated kleopatra packages fix a security vulnerability
2020-11-15 18:45:05