Search CVE reports


Toggle filters

1 result


CVE-2020-8945

Medium priority
Needs evaluation

The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.

2 affected packages

golang-github-proglottis-gpgme, singularity-container

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-github-proglottis-gpgme Not affected Not affected Needs evaluation Not in release Not in release
singularity-container Needs evaluation Not in release Not in release Needs evaluation Not in release
Show less packages