FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gnupg -- unsanitized output (CVE-2018-12020)

Affected packages
gnupg < 2.2.8
gnupg1 < 1.4.23

Details

VuXML ID 7da0417f-6b24-11e8-84cc-002590acae31
Discovery 2018-06-07
Entry 2018-06-08

GnuPG reports:

GnuPG did not sanitize input file names, which may then be output to the terminal. This could allow terminal control sequences or fake status messages to be injected into the output.

References

CVE Name CVE-2017-7526
CVE Name CVE-2018-12020
URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7526
URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12020