Sks Keyserver Project Sks Keyserver vulnerabilities
2 known vulnerabilities affecting sks_keyserver_project/sks_keyserver.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2019-13050HIGHCVSS 7.5≤ 1.2.02019-06-29
CVE-2019-13050 [HIGH] CWE-295 CVE-2019-13050: Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG thr
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.
nvd
CVE-2014-3207MEDIUMCVSS 4.3≤ 1.1.4v0.1.0+10 more2014-05-08
CVE-2014-3207 [MEDIUM] CWE-79 CVE-2014-3207: Cross-site scripting (XSS) vulnerability in wserver.ml in SKS Keyserver before 1.1.5 allows remote a
Cross-site scripting (XSS) vulnerability in wserver.ml in SKS Keyserver before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to pks/lookup/undefined1.
nvd