Getfiregpg: Security Vulnerabilities
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-11-18
FireGPG before 0.6 handle user’s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users’s private key.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-11-08