Libgcrypt and GnuPG versions before 1.6.3 and 1.4.19 do not implement ciphertext blinding for Elgamal decryption, allowing physically proximate attackers to obtain the server's private key
Reporter | Title | Published | Views | Family All 91 |
---|---|---|---|---|
![]() | SUSE SLED12 / SLES12 Security Update : libgcrypt (SUSE-SU-2015:1179-1) | 6 Jul 201500:00 | – | nessus |
![]() | EulerOS 2.0 SP5 : libgcrypt (EulerOS-SA-2019-2695) | 23 Dec 201900:00 | – | nessus |
![]() | EulerOS 2.0 SP2 : libgcrypt (EulerOS-SA-2020-1672) | 17 Jun 202000:00 | – | nessus |
![]() | Fedora 20 : gnupg-1.4.19-2.fc20 (2015-3253) | 17 Mar 201500:00 | – | nessus |
![]() | Debian DSA-3185-1 : libgcrypt11 - security update | 13 Mar 201500:00 | – | nessus |
![]() | Fedora 22 : gnupg-1.4.19-1.fc22 (2015-2872) | 17 Mar 201500:00 | – | nessus |
![]() | Ubuntu 14.04 LTS : Libgcrypt vulnerabilities (USN-2555-1) | 2 Apr 201500:00 | – | nessus |
![]() | Fedora 22 : libgcrypt-1.6.3-1.fc22 (2015-3399) | 17 Mar 201500:00 | – | nessus |
![]() | Mandriva Linux Security Advisory : gnupg (MDVSA-2015:155) | 30 Mar 201500:00 | – | nessus |
![]() | Fedora 21 : mingw-libgcrypt-1.6.3-1.fc21 (2015-6881) | 5 May 201500:00 | – | nessus |
[
{
"product": "Libgcrypt",
"vendor": "GNU",
"versions": [
{
"status": "affected",
"version": "before 1.6.3"
}
]
},
{
"product": "GnuPG",
"vendor": "GNU",
"versions": [
{
"status": "affected",
"version": "before 1.4.19"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo