{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2000-12-19T00:00:00", "descriptions": [{"lang": "en", "value": "gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "CLA-2000:368", "tags": ["vendor-advisory", "x_refsource_CONECTIVA"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000368"}, {"name": "DSA-010-1", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2000/20001225b"}, {"name": "MDKSA-2000-087", "tags": ["vendor-advisory", "x_refsource_MANDRAKE"], "url": "http://www.linux-mandrake.com/en/updates/2000/MDKSA-2000-087.php3"}, {"name": "2153", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/2153"}, {"name": "RHSA-2000:131", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2000-131.html"}, {"name": "gnupg-reveal-private(5803)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5803"}, {"name": "20001220 Trustix Security Advisory - gnupg, ftpd-BSD", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/152197"}, {"name": "1702", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/1702"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0072", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "CLA-2000:368", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000368"}, {"name": "DSA-010-1", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2000/20001225b"}, {"name": "MDKSA-2000-087", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/updates/2000/MDKSA-2000-087.php3"}, {"name": "2153", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2153"}, {"name": "RHSA-2000:131", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-131.html"}, {"name": "gnupg-reveal-private(5803)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5803"}, {"name": "20001220 Trustix Security Advisory - gnupg, ftpd-BSD", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/152197"}, {"name": "1702", "refsource": "OSVDB", "url": "http://www.osvdb.org/1702"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T04:06:54.929Z"}, "title": "CVE Program Container", "references": [{"name": "CLA-2000:368", "tags": ["vendor-advisory", "x_refsource_CONECTIVA", "x_transferred"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000368"}, {"name": "DSA-010-1", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2000/20001225b"}, {"name": "MDKSA-2000-087", "tags": ["vendor-advisory", "x_refsource_MANDRAKE", "x_transferred"], "url": "http://www.linux-mandrake.com/en/updates/2000/MDKSA-2000-087.php3"}, {"name": "2153", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/2153"}, {"name": "RHSA-2000:131", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2000-131.html"}, {"name": "gnupg-reveal-private(5803)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5803"}, {"name": "20001220 Trustix Security Advisory - gnupg, ftpd-BSD", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/152197"}, {"name": "1702", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/1702"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0072", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-01T00:00:00", "dateUpdated": "2024-08-08T04:06:54.929Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:privacy_guard:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E054978B-8466-4D12-B7DC-7E72CC57F0DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "F38F964B-C5D1-4177-BD31-7AB4083CC431", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "4DF7811A-B254-4829-AED2-C70BD5C82592", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "72ED862B-6278-41ED-9619-115E6552AFBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.0.3b:*:*:*:*:*:*:*", "matchCriteriaId": "1869E888-E83C-4A62-AA84-F2C9F2AF12FB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust."}], "id": "CVE-2001-0072", "lastModified": "2017-10-10T01:29:34.407", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2001-02-12T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000368"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2000/20001225b"}, {"source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/updates/2000/MDKSA-2000-087.php3"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/1702"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-131.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/152197"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/2153"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5803"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2000:131", "cpe": "cpe:/o:redhat:linux:6.2", "product_name": "Red Hat Linux 6.2", "release_date": "2000-12-19T00:00:00Z"}, {"advisory": "RHSA-2000:131", "cpe": "cpe:/o:redhat:linux:7.0", "product_name": "Red Hat Linux 7.0", "release_date": "2000-12-19T00:00:00Z"}], "bugzilla": {"description": "security flaw", "id": "1616565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616565"}, "csaw": false, "details": ["gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust."], "name": "CVE-2001-0072", "public_date": "2000-12-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2001-0072\nhttps://nvd.nist.gov/vuln/detail/CVE-2001-0072"]}