CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Gnupg: >> Gnupg >> 2.5.3 Security Vulnerabilities

CVE-2025-30258

In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."

CVSS Score

2.7

EPSS Score

0.0

Published

2025-03-19

Page 1

Vulnerabilities

Vulnerable Software

Gnupg: >> Gnupg >> 2.5.3 Security Vulnerabilities

Products

Pricing

Contact Us