CVE-2014-4617

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2014-4617
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2014-4617.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2014-4617
Downstream
Related
Withdrawn
2026-01-27T04:12:48.659816Z
Published
2014-06-25T11:19:22Z
Modified
2026-01-27T04:12:48.659816Z
Summary
[none]
Details

The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.

References

Affected packages