Findings for Container Security, Low, [TheRedHatter/javagoof:Dockerfile]:Key Management Errors
Created by: armorcodegithubpreprod[bot]
Findings for Container Security, Low, [TheRedHatter/javagoof:Dockerfile]:Key Management Errors
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): >*
- Vulnerable Path: >null
NVD Description
Note:
Versions mentioned in the description apply to the upstream gnupg2
package.
GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey.
References
Origin : null Type : null Image Id : null
Snyk Project Status: Active