---

CVE-2018-9234 - log back

CVE-2018-9234 created at 25 Sep 2019 19:31:40
Severity	+ Low
Remote	+ Local
Type	+ Insufficient validation
Description	+ When using a GnuPG smartcard in 2.2.4+ with an offline master [C]ertify key, it is possible to sign the keys of others with only a [S]igning subkey present.
References	+ https://bugs.archlinux.org/task/58120 + https://dev.gnupg.org/T3844 + https://dev.gnupg.org/rGa17d2d1f690ebe5d005b4589a5fe378b6487c657
Notes