{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"critical"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2003-0255","title":"Title"},{"category":"description","text":"The key validation code in GnuPG before 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2003-0255","url":"https://www.suse.com/security/cve/CVE-2003-0255"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 42085 for CVE-2003-0255","url":"https://bugzilla.suse.com/42085"}],"title":"SUSE CVE CVE-2003-0255","tracking":{"current_release_date":"2023-02-15T06:21:42Z","generator":{"date":"2023-02-15T06:21:42Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2003-0255","initial_release_date":"2023-02-15T06:21:42Z","revision_history":[{"date":"2023-02-15T06:21:42Z","number":"2","summary":"Current version"}],"status":"interim","version":"2"}}}