cve/CVE-2018-1000858.md at 605ab304d9bbcc82b560beb075016235bee1c51f

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 09:12:08 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be exploitable via Victim must perform a WKD request, e.g. enter an email address in the composer window of Thunderbird/Enigmail. This vulnerability appears to have been fixed in after commit 4a4bb874f63741026bd26264c43bb32b1099f060.

POC

Reference

No PoCs from references.

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/flyrev/security-scan-ci-presentation

941 B Raw Blame History

CVE-2018-1000858

Description

POC

Reference

Github

941 B

Raw Blame History