VDB

GCVE-VVD-MAGEIA-2019-108

GCVE-VVD-MAGEIA-2019-108
Advisory Published
Vulnetix · Advisory published August 31, 2019
GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be exploitable via Victim must perform a WKD request, e.g. enter an email address in the composer window of Thunderbird/Enigmail. This vulnerability appears to have been fixed in after commit 4a4bb874f63741026bd26264c43bb32b1099f060. (CVE-2018-1000858)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiakernel0 (affected), 5.2.10-1.mga7 (unaffected)
Mageiakernel-userspace-headers0 (affected), 5.2.10-1.mga7 (unaffected)
Mageiakmod-virtualbox0 (affected), 6.0.10-4.mga7 (unaffected)
Mageiakmod-xtables-addons0 (affected), 3.3-58.mga7 (unaffected)
Mageiagnupg20 (affected), 2.1.21-3.2.mga6 (unaffected), 0 (affected), 2.1.21-3.2.mga6 (unaffected)

Aliases

CVE-2018-1000858

Transitive aliases

EUVD-2018-2043BDU:2020-01716GHSA-44cw-f8qw-mf2h

References

Updated gnupg2 packages fix security vulnerability
advisory
Updated gnupg2 packages fix security vulnerability
issue
Updated gnupg2 packages fix security vulnerability
issue
Updated gnupg2 packages fix security vulnerability
advisory
Updated kernel packages fixes various bugs
advisory
Updated kernel packages fixes various bugs
issue
Updated kernel packages fixes various bugs
issue
Updated kernel packages fixes various bugs
issue
Updated kernel packages fixes various bugs
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›