CVE-2008-1530

EPSS 3.7%

Published: 3/27/2008Modified: 4/28/2026

Also known as:DEBIAN-CVE-2008-1530

Description

GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted duplicate keys that are imported from key servers, which triggers "memory corruption around deduplication of user IDs."

Affected packages (1)

Debian/gnupg2from 0, < 2.0.9-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-1530