Vulnerability in GnuPG has allowed counterfeiting of digital signatures for decades
A failure affecting GnuPG has made some of the most commonly used e-mail encryption programs vulnerable to digital signature falsification. The list of affected programs includes Enigmail and GPGTools. About Vulnerability (CVE-2018-12020) The vulnerability CVE-2018-12020, nicknamed SigSpoof by Marcus Brinkmann, the investigator who found it, emerged from “weak design choices.” According to the information security […]