This page aggregates publicly disclosed CVE and security risk information related to sks_keyserver_project, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2019-13050 | Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack. | [email protected] | 7.5 | 2.66% | 2019-06-29 | 2026-06-16 |
| CVE-2014-3207 | Cross-site scripting (XSS) vulnerability in wserver.ml in SKS Keyserver before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to pks/lookup/undefined1. | [email protected] | 4.3 | 1.93% | 2014-05-08 | 2026-06-16 |