VDB

ALPINE-CVE-2018-12020

ALPINE-CVE-2018-12020 PUBLISHED CVSS 7.5 HIGH

mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.

Risk Scores

CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products

VendorProductVersions
Alpine:v3.17gnupg2.1.10-r0, 2.0.20-r0, 2.1.8-r0
Alpine:v3.11gnupg2.1.21-r0, 0, 2.0.10-r1
Alpine:v3.11gnupg11.4.22-r0, 0, 1.4.16-r0
Alpine:v3.21gnupg2.2.2-r0, 2.2.0-r1, 2.2.0-r0
Alpine:v3.15gnupg2.2.3-r1, 2.2.5-r0, 2.2.6-r0
Alpine:v3.13gnupg2.1.18-r0, 0, 2.0.10-r1
Alpine:v3.7gnupg2.1.0_beta895-r1, 2.0.21-r0, 2.1.5-r1
Alpine:v3.12gnupg10, 1.4.16-r0, 1.4.16-r1
Alpine:v3.6gnupg11.4.16-r2, 1.4.16-r0, 1.4.16-r1
Alpine:v3.5gnupg11.4.16-r0, 1.4.22-r0, 1.4.21-r0
Alpine:v3.7gnupg11.4.18-r0, 1.4.20-r0, 1.4.21-r0
Alpine:v3.9gnupg10, 1.4.16-r0, 1.4.16-r2
Alpine:v3.20gnupg2.1.20-r0, 2.2.7-r0, 2.2.6-r3
Alpine:v3.6gnupg2.1.17-r0, 2.1.9-r1, 2.1.9-r0
Alpine:v3.22gnupg2.1.3-r1, 2.0.10-r0, 2.0.15-r0
Alpine:v3.8gnupg2.1.11-r0, 2.1.0_beta895-r1, 2.1.0_beta783-r1
Alpine:v3.19gnupg2.1.18-r0, 0, 2.0.10-r0
Alpine:v3.4gnupg2.1.10-r0, 2.1.0_beta895-r1, 2.1.0_beta783-r1
Alpine:v3.16gnupg2.2.0-r0, 2.1.8-r0, 2.1.7-r1
Alpine:v3.14gnupg2.1.5-r1, 2.1.11-r0, 2.0.17-r0

…and 8 more

Timeline

  • Jun 8, 2018 CVE Published
  • Dec 3, 2025 CVE Updated
  • Apr 30, 2026 Distribution Patch

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›