CVE-2006-5111
EPSS 1.2%
Description
The libksba library 0.9.12 and possibly other versions, as used by gpgsm in the newpg package on SUSE LINUX, allows attackers to cause a denial of service (application crash) via a malformed X.509 certificate in a signature.
How to fix CVE-2006-5111
To remediate CVE-2006-5111, upgrade the affected package to the fixed version listed below.
- Debian/libksba: upgrade to 0.9.14-1 or later
Is CVE-2006-5111 being exploited?
Low — EPSS is 1.2%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.9.14-1