70 matches found
FreeBSD : cryptopp -- ElGamal implementation allows plaintext recovery (7695b0af-958f-11ec-9aa3-4ccc6adda413)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7695b0af-958f-11ec-9aa3-4ccc6adda413 advisory. - The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during...
EulerOS 2.0 SP10 : libgcrypt (EulerOS-SA-2022-1209)
According to the versions of the libgcrypt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic librarie...
EulerOS 2.0 SP3 : libgcrypt (EulerOS-SA-2022-1173)
According to the versions of the libgcrypt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel atta...
Mageia: Security Advisory (MGASA-2021-0446)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libgcrypt (EulerOS-SA-2021-2922)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : libgcrypt (EulerOS-SA-2021-2922)
According to the versions of the libgcrypt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries...
EulerOS 2.0 SP9 : libgcrypt (EulerOS-SA-2021-2914)
According to the versions of the libgcrypt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries...
Updated botan2 packages fix security vulnerability
Updated botan2 packages fix security vulnerability: The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the...
Updated libcryptopp packages fix security vulnerability
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's...
Ubuntu 16.04 ESM : Libgcrypt vulnerabilities (USN-5080-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5080-2 advisory. USN-5080-1 fixed several vulnerabilities in Libgcrypt. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the...
CVE-2021-40529
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the...
CVE-2021-40528
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's...
CVE-2021-40528
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's...
CVE-2021-40529
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the...
CVE-2021-40530
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's...
Cross site scripting
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's...
Cross site scripting
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the...
CVE-2021-40529
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the...
CVE-2021-40529
The CVE-2021-40529 entry concerns the ElGamal implementation in Botan (through 2.18.1), used by Thunderbird and other products. A cross-configuration attack between two cryptographic libraries can lead to plaintext recovery by exploiting a dangerous combination of the receiver’s key prime and gen...
CVE-2021-40529
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the...