7.8
CVE-2025-68973
- EPSS 0.02%
- Veröffentlicht 28.12.2025 16:19:11
- Zuletzt bearbeitet 14.01.2026 19:16:46
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.04 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| cve@mitre.org | 7.8 | 1.4 | 5.8 |
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
|
CWE-675 Multiple Operations on Resource in Single-Operation Context
The product performs the same operation on a resource two or more times, when the operation should only be applied once.
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.