ALPINE-CVE-2022-34903

See a problem?
Please try reporting it to the source first.
Source
https://security.alpinelinux.org/vuln/CVE-2022-34903
Import Source
https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-34903.json
JSON Data
https://api.osv.dev/v1/vulns/ALPINE-CVE-2022-34903
Upstream
Published
2022-07-01T22:15:08.120Z
Modified
2025-11-19T06:20:16.235209Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N CVSS Calculator
Summary
[none]
Details

GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.

References

Affected packages

Alpine:v3.13

gnupg

Package

Name
gnupg
Purl
pkg:apk/alpine/gnupg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.31-r1

Affected versions

2.*

2.0.10-r0
2.0.10-r1
2.0.15-r0
2.0.16-r0
2.0.16-r1
2.0.16-r2
2.0.17-r0
2.0.18-r0
2.0.19-r0
2.0.20-r0
2.0.21-r0
2.0.22-r0
2.0.22-r1
2.1.0_beta751-r1
2.1.0_beta783-r1
2.1.0_beta895-r1
2.1.0-r1
2.1.1-r1
2.1.2-r1
2.1.3-r1
2.1.4-r1
2.1.5-r1
2.1.6-r1
2.1.7-r1
2.1.8-r0
2.1.9-r0
2.1.9-r1
2.1.10-r0
2.1.10-r1
2.1.11-r0
2.1.12-r0
2.1.13-r0
2.1.14-r0
2.1.15-r0
2.1.16-r0
2.1.17-r0
2.1.18-r0
2.1.19-r0
2.1.20-r0
2.1.21-r0
2.1.22-r0
2.1.23-r0
2.1.23-r1
2.2.0-r0
2.2.0-r1
2.2.1-r0
2.2.2-r0
2.2.3-r0
2.2.3-r1
2.2.5-r0
2.2.6-r0
2.2.6-r2
2.2.6-r3
2.2.7-r0
2.2.8-r0
2.2.9-r0
2.2.9-r1
2.2.10-r0
2.2.12-r0
2.2.13-r0
2.2.14-r0
2.2.15-r0
2.2.16-r0
2.2.17-r0
2.2.18-r0
2.2.19-r0
2.2.19-r1
2.2.20-r0
2.2.21-r0
2.2.21-r1
2.2.23-r0
2.2.24-r0
2.2.25-r0
2.2.26-r0
2.2.27-r0
2.2.31-r0

Alpine:v3.14

gnupg

Package

Name
gnupg
Purl
pkg:apk/alpine/gnupg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.31-r1

Affected versions

2.*

2.0.10-r0
2.0.10-r1
2.0.15-r0
2.0.16-r0
2.0.16-r1
2.0.16-r2
2.0.17-r0
2.0.18-r0
2.0.19-r0
2.0.20-r0
2.0.21-r0
2.0.22-r0
2.0.22-r1
2.1.0_beta751-r1
2.1.0_beta783-r1
2.1.0_beta895-r1
2.1.0-r1
2.1.1-r1
2.1.2-r1
2.1.3-r1
2.1.4-r1
2.1.5-r1
2.1.6-r1
2.1.7-r1
2.1.8-r0
2.1.9-r0
2.1.9-r1
2.1.10-r0
2.1.10-r1
2.1.11-r0
2.1.12-r0
2.1.13-r0
2.1.14-r0
2.1.15-r0
2.1.16-r0
2.1.17-r0
2.1.18-r0
2.1.19-r0
2.1.20-r0
2.1.21-r0
2.1.22-r0
2.1.23-r0
2.1.23-r1
2.2.0-r0
2.2.0-r1
2.2.1-r0
2.2.2-r0
2.2.3-r0
2.2.3-r1
2.2.5-r0
2.2.6-r0
2.2.6-r2
2.2.6-r3
2.2.7-r0
2.2.8-r0
2.2.9-r0
2.2.9-r1
2.2.10-r0
2.2.12-r0
2.2.13-r0
2.2.14-r0
2.2.15-r0
2.2.16-r0
2.2.17-r0
2.2.18-r0
2.2.19-r0
2.2.19-r1
2.2.20-r0
2.2.21-r0
2.2.21-r1
2.2.23-r0
2.2.24-r0
2.2.25-r0
2.2.26-r0
2.2.27-r0
2.2.31-r0

Alpine:v3.15

gnupg

Package

Name
gnupg
Purl
pkg:apk/alpine/gnupg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.31-r2

Affected versions

2.*

2.0.10-r0
2.0.10-r1
2.0.15-r0
2.0.16-r0
2.0.16-r1
2.0.16-r2
2.0.17-r0
2.0.18-r0
2.0.19-r0
2.0.20-r0
2.0.21-r0
2.0.22-r0
2.0.22-r1
2.1.0_beta751-r1
2.1.0_beta783-r1
2.1.0_beta895-r1
2.1.0-r1
2.1.1-r1
2.1.2-r1
2.1.3-r1
2.1.4-r1
2.1.5-r1
2.1.6-r1
2.1.7-r1
2.1.8-r0
2.1.9-r0
2.1.9-r1
2.1.10-r0
2.1.10-r1
2.1.11-r0
2.1.12-r0
2.1.13-r0
2.1.14-r0
2.1.15-r0
2.1.16-r0
2.1.17-r0
2.1.18-r0
2.1.19-r0
2.1.20-r0
2.1.21-r0
2.1.22-r0
2.1.23-r0
2.1.23-r1
2.2.0-r0
2.2.0-r1
2.2.1-r0
2.2.2-r0
2.2.3-r0
2.2.3-r1
2.2.5-r0
2.2.6-r0
2.2.6-r2
2.2.6-r3
2.2.7-r0
2.2.8-r0
2.2.9-r0
2.2.9-r1
2.2.10-r0
2.2.12-r0
2.2.13-r0
2.2.14-r0
2.2.15-r0
2.2.16-r0
2.2.17-r0
2.2.18-r0
2.2.19-r0
2.2.19-r1
2.2.20-r0
2.2.21-r0
2.2.21-r1
2.2.23-r0
2.2.24-r0
2.2.25-r0
2.2.26-r0
2.2.27-r0
2.2.28-r0
2.2.29-r0
2.2.29-r1
2.2.29-r2
2.2.29-r3
2.2.29-r4
2.2.29-r5
2.2.31-r0
2.2.31-r1

Alpine:v3.16

gnupg

Package

Name
gnupg
Purl
pkg:apk/alpine/gnupg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.35-r4

Affected versions

2.*

2.0.10-r0
2.0.10-r1
2.0.15-r0
2.0.16-r0
2.0.16-r1
2.0.16-r2
2.0.17-r0
2.0.18-r0
2.0.19-r0
2.0.20-r0
2.0.21-r0
2.0.22-r0
2.0.22-r1
2.1.0_beta751-r1
2.1.0_beta783-r1
2.1.0_beta895-r1
2.1.0-r1
2.1.1-r1
2.1.2-r1
2.1.3-r1
2.1.4-r1
2.1.5-r1
2.1.6-r1
2.1.7-r1
2.1.8-r0
2.1.9-r0
2.1.9-r1
2.1.10-r0
2.1.10-r1
2.1.11-r0
2.1.12-r0
2.1.13-r0
2.1.14-r0
2.1.15-r0
2.1.16-r0
2.1.17-r0
2.1.18-r0
2.1.19-r0
2.1.20-r0
2.1.21-r0
2.1.22-r0
2.1.23-r0
2.1.23-r1
2.2.0-r0
2.2.0-r1
2.2.1-r0
2.2.2-r0
2.2.3-r0
2.2.3-r1
2.2.5-r0
2.2.6-r0
2.2.6-r2
2.2.6-r3
2.2.7-r0
2.2.8-r0
2.2.9-r0
2.2.9-r1
2.2.10-r0
2.2.12-r0
2.2.13-r0
2.2.14-r0
2.2.15-r0
2.2.16-r0
2.2.17-r0
2.2.18-r0
2.2.19-r0
2.2.19-r1
2.2.20-r0
2.2.21-r0
2.2.21-r1
2.2.23-r0
2.2.24-r0
2.2.25-r0
2.2.26-r0
2.2.27-r0
2.2.28-r0
2.2.29-r0
2.2.29-r1
2.2.29-r2
2.2.29-r3
2.2.29-r4
2.2.29-r5
2.2.31-r0
2.2.31-r1
2.2.33-r0
2.2.34-r0
2.2.35-r0
2.2.35-r1
2.2.35-r2
2.2.35-r3

Alpine:v3.17

gnupg

Package

Name
gnupg
Purl
pkg:apk/alpine/gnupg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.35-r4

Affected versions

2.*

2.0.10-r0
2.0.10-r1
2.0.15-r0
2.0.16-r0
2.0.16-r1
2.0.16-r2
2.0.17-r0
2.0.18-r0
2.0.19-r0
2.0.20-r0
2.0.21-r0
2.0.22-r0
2.0.22-r1
2.1.0_beta751-r1
2.1.0_beta783-r1
2.1.0_beta895-r1
2.1.0-r1
2.1.1-r1
2.1.2-r1
2.1.3-r1
2.1.4-r1
2.1.5-r1
2.1.6-r1
2.1.7-r1
2.1.8-r0
2.1.9-r0
2.1.9-r1
2.1.10-r0
2.1.10-r1
2.1.11-r0
2.1.12-r0
2.1.13-r0
2.1.14-r0
2.1.15-r0
2.1.16-r0
2.1.17-r0
2.1.18-r0
2.1.19-r0
2.1.20-r0
2.1.21-r0
2.1.22-r0
2.1.23-r0
2.1.23-r1
2.2.0-r0
2.2.0-r1
2.2.1-r0
2.2.2-r0
2.2.3-r0
2.2.3-r1
2.2.5-r0
2.2.6-r0
2.2.6-r2
2.2.6-r3
2.2.7-r0
2.2.8-r0
2.2.9-r0
2.2.9-r1
2.2.10-r0
2.2.12-r0
2.2.13-r0
2.2.14-r0
2.2.15-r0
2.2.16-r0
2.2.17-r0
2.2.18-r0
2.2.19-r0
2.2.19-r1
2.2.20-r0
2.2.21-r0
2.2.21-r1
2.2.23-r0
2.2.24-r0
2.2.25-r0
2.2.26-r0
2.2.27-r0
2.2.28-r0
2.2.29-r0
2.2.29-r1
2.2.29-r2
2.2.29-r3
2.2.29-r4
2.2.29-r5
2.2.31-r0
2.2.31-r1
2.2.33-r0
2.2.34-r0
2.2.35-r0
2.2.35-r1
2.2.35-r2
2.2.35-r3

Alpine:v3.18

gnupg

Package

Name
gnupg
Purl
pkg:apk/alpine/gnupg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.35-r4

Affected versions

2.*

2.0.10-r0
2.0.10-r1
2.0.15-r0
2.0.16-r0
2.0.16-r1
2.0.16-r2
2.0.17-r0
2.0.18-r0
2.0.19-r0
2.0.20-r0
2.0.21-r0
2.0.22-r0
2.0.22-r1
2.1.0_beta751-r1
2.1.0_beta783-r1
2.1.0_beta895-r1
2.1.0-r1
2.1.1-r1
2.1.2-r1
2.1.3-r1
2.1.4-r1
2.1.5-r1
2.1.6-r1
2.1.7-r1
2.1.8-r0
2.1.9-r0
2.1.9-r1
2.1.10-r0
2.1.10-r1
2.1.11-r0
2.1.12-r0
2.1.13-r0
2.1.14-r0
2.1.15-r0
2.1.16-r0
2.1.17-r0
2.1.18-r0
2.1.19-r0
2.1.20-r0
2.1.21-r0
2.1.22-r0
2.1.23-r0
2.1.23-r1
2.2.0-r0
2.2.0-r1
2.2.1-r0
2.2.2-r0
2.2.3-r0
2.2.3-r1
2.2.5-r0
2.2.6-r0
2.2.6-r2
2.2.6-r3
2.2.7-r0
2.2.8-r0
2.2.9-r0
2.2.9-r1
2.2.10-r0
2.2.12-r0
2.2.13-r0
2.2.14-r0
2.2.15-r0
2.2.16-r0
2.2.17-r0
2.2.18-r0
2.2.19-r0
2.2.19-r1
2.2.20-r0
2.2.21-r0
2.2.21-r1
2.2.23-r0
2.2.24-r0
2.2.25-r0
2.2.26-r0
2.2.27-r0
2.2.28-r0
2.2.29-r0
2.2.29-r1
2.2.29-r2
2.2.29-r3
2.2.29-r4
2.2.29-r5
2.2.31-r0
2.2.31-r1
2.2.33-r0
2.2.34-r0
2.2.35-r0
2.2.35-r1
2.2.35-r2
2.2.35-r3

Alpine:v3.19

gnupg

Package

Name
gnupg
Purl
pkg:apk/alpine/gnupg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.35-r4

Affected versions

2.*

2.0.10-r0
2.0.10-r1
2.0.15-r0
2.0.16-r0
2.0.16-r1
2.0.16-r2
2.0.17-r0
2.0.18-r0
2.0.19-r0
2.0.20-r0
2.0.21-r0
2.0.22-r0
2.0.22-r1
2.1.0_beta751-r1
2.1.0_beta783-r1
2.1.0_beta895-r1
2.1.0-r1
2.1.1-r1
2.1.2-r1
2.1.3-r1
2.1.4-r1
2.1.5-r1
2.1.6-r1
2.1.7-r1
2.1.8-r0
2.1.9-r0
2.1.9-r1
2.1.10-r0
2.1.10-r1
2.1.11-r0
2.1.12-r0
2.1.13-r0
2.1.14-r0
2.1.15-r0
2.1.16-r0
2.1.17-r0
2.1.18-r0
2.1.19-r0
2.1.20-r0
2.1.21-r0
2.1.22-r0
2.1.23-r0
2.1.23-r1
2.2.0-r0
2.2.0-r1
2.2.1-r0
2.2.2-r0
2.2.3-r0
2.2.3-r1
2.2.5-r0
2.2.6-r0
2.2.6-r2
2.2.6-r3
2.2.7-r0
2.2.8-r0
2.2.9-r0
2.2.9-r1
2.2.10-r0
2.2.12-r0
2.2.13-r0
2.2.14-r0
2.2.15-r0
2.2.16-r0
2.2.17-r0
2.2.18-r0
2.2.19-r0
2.2.19-r1
2.2.20-r0
2.2.21-r0
2.2.21-r1
2.2.23-r0
2.2.24-r0
2.2.25-r0
2.2.26-r0
2.2.27-r0
2.2.28-r0
2.2.29-r0
2.2.29-r1
2.2.29-r2
2.2.29-r3
2.2.29-r4
2.2.29-r5
2.2.31-r0
2.2.31-r1
2.2.33-r0
2.2.34-r0
2.2.35-r0
2.2.35-r1
2.2.35-r2
2.2.35-r3

Alpine:v3.20

gnupg

Package

Name
gnupg
Purl
pkg:apk/alpine/gnupg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.35-r4

Affected versions

2.*

2.0.10-r0
2.0.10-r1
2.0.15-r0
2.0.16-r0
2.0.16-r1
2.0.16-r2
2.0.17-r0
2.0.18-r0
2.0.19-r0
2.0.20-r0
2.0.21-r0
2.0.22-r0
2.0.22-r1
2.1.0_beta751-r1
2.1.0_beta783-r1
2.1.0_beta895-r1
2.1.0-r1
2.1.1-r1
2.1.2-r1
2.1.3-r1
2.1.4-r1
2.1.5-r1
2.1.6-r1
2.1.7-r1
2.1.8-r0
2.1.9-r0
2.1.9-r1
2.1.10-r0
2.1.10-r1
2.1.11-r0
2.1.12-r0
2.1.13-r0
2.1.14-r0
2.1.15-r0
2.1.16-r0
2.1.17-r0
2.1.18-r0
2.1.19-r0
2.1.20-r0
2.1.21-r0
2.1.22-r0
2.1.23-r0
2.1.23-r1
2.2.0-r0
2.2.0-r1
2.2.1-r0
2.2.2-r0
2.2.3-r0
2.2.3-r1
2.2.5-r0
2.2.6-r0
2.2.6-r2
2.2.6-r3
2.2.7-r0
2.2.8-r0
2.2.9-r0
2.2.9-r1
2.2.10-r0
2.2.12-r0
2.2.13-r0
2.2.14-r0
2.2.15-r0
2.2.16-r0
2.2.17-r0
2.2.18-r0
2.2.19-r0
2.2.19-r1
2.2.20-r0
2.2.21-r0
2.2.21-r1
2.2.23-r0
2.2.24-r0
2.2.25-r0
2.2.26-r0
2.2.27-r0
2.2.28-r0
2.2.29-r0
2.2.29-r1
2.2.29-r2
2.2.29-r3
2.2.29-r4
2.2.29-r5
2.2.31-r0
2.2.31-r1
2.2.33-r0
2.2.34-r0
2.2.35-r0
2.2.35-r1
2.2.35-r2
2.2.35-r3

Alpine:v3.21

gnupg

Package

Name
gnupg
Purl
pkg:apk/alpine/gnupg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.35-r4

Affected versions

2.*

2.0.10-r0
2.0.10-r1
2.0.15-r0
2.0.16-r0
2.0.16-r1
2.0.16-r2
2.0.17-r0
2.0.18-r0
2.0.19-r0
2.0.20-r0
2.0.21-r0
2.0.22-r0
2.0.22-r1
2.1.0_beta751-r1
2.1.0_beta783-r1
2.1.0_beta895-r1
2.1.0-r1
2.1.1-r1
2.1.2-r1
2.1.3-r1
2.1.4-r1
2.1.5-r1
2.1.6-r1
2.1.7-r1
2.1.8-r0
2.1.9-r0
2.1.9-r1
2.1.10-r0
2.1.10-r1
2.1.11-r0
2.1.12-r0
2.1.13-r0
2.1.14-r0
2.1.15-r0
2.1.16-r0
2.1.17-r0
2.1.18-r0
2.1.19-r0
2.1.20-r0
2.1.21-r0
2.1.22-r0
2.1.23-r0
2.1.23-r1
2.2.0-r0
2.2.0-r1
2.2.1-r0
2.2.2-r0
2.2.3-r0
2.2.3-r1
2.2.5-r0
2.2.6-r0
2.2.6-r2
2.2.6-r3
2.2.7-r0
2.2.8-r0
2.2.9-r0
2.2.9-r1
2.2.10-r0
2.2.12-r0
2.2.13-r0
2.2.14-r0
2.2.15-r0
2.2.16-r0
2.2.17-r0
2.2.18-r0
2.2.19-r0
2.2.19-r1
2.2.20-r0
2.2.21-r0
2.2.21-r1
2.2.23-r0
2.2.24-r0
2.2.25-r0
2.2.26-r0
2.2.27-r0
2.2.28-r0
2.2.29-r0
2.2.29-r1
2.2.29-r2
2.2.29-r3
2.2.29-r4
2.2.29-r5
2.2.31-r0
2.2.31-r1
2.2.33-r0
2.2.34-r0
2.2.35-r0
2.2.35-r1
2.2.35-r2
2.2.35-r3

Alpine:v3.22

gnupg

Package

Name
gnupg
Purl
pkg:apk/alpine/gnupg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.35-r4

Affected versions

2.*

2.0.10-r0
2.0.10-r1
2.0.15-r0
2.0.16-r0
2.0.16-r1
2.0.16-r2
2.0.17-r0
2.0.18-r0
2.0.19-r0
2.0.20-r0
2.0.21-r0
2.0.22-r0
2.0.22-r1
2.1.0_beta751-r1
2.1.0_beta783-r1
2.1.0_beta895-r1
2.1.0-r1
2.1.1-r1
2.1.2-r1
2.1.3-r1
2.1.4-r1
2.1.5-r1
2.1.6-r1
2.1.7-r1
2.1.8-r0
2.1.9-r0
2.1.9-r1
2.1.10-r0
2.1.10-r1
2.1.11-r0
2.1.12-r0
2.1.13-r0
2.1.14-r0
2.1.15-r0
2.1.16-r0
2.1.17-r0
2.1.18-r0
2.1.19-r0
2.1.20-r0
2.1.21-r0
2.1.22-r0
2.1.23-r0
2.1.23-r1
2.2.0-r0
2.2.0-r1
2.2.1-r0
2.2.2-r0
2.2.3-r0
2.2.3-r1
2.2.5-r0
2.2.6-r0
2.2.6-r2
2.2.6-r3
2.2.7-r0
2.2.8-r0
2.2.9-r0
2.2.9-r1
2.2.10-r0
2.2.12-r0
2.2.13-r0
2.2.14-r0
2.2.15-r0
2.2.16-r0
2.2.17-r0
2.2.18-r0
2.2.19-r0
2.2.19-r1
2.2.20-r0
2.2.21-r0
2.2.21-r1
2.2.23-r0
2.2.24-r0
2.2.25-r0
2.2.26-r0
2.2.27-r0
2.2.28-r0
2.2.29-r0
2.2.29-r1
2.2.29-r2
2.2.29-r3
2.2.29-r4
2.2.29-r5
2.2.31-r0
2.2.31-r1
2.2.33-r0
2.2.34-r0
2.2.35-r0
2.2.35-r1
2.2.35-r2
2.2.35-r3