Sec

**Name of the Vulnerable Software and Affected Versions** signing-party versions 1.1.x through 2.9 **Description** The issue concerns an unsafe shell call in the gpg-key2ps component, which enables shell injection. This can be exploited via a User ID. **Recommendations** For versions 1.1.x through 2.9, consider disabling the gpg-key2ps component until a patch is available. Restrict access to the User ID field to minimize the risk of exploitation.