23 matches found
EUVD-2021-27704
Malicious code in bioql PyPI...
EUVD-2021-27705
Malicious code in bioql PyPI...
Amazon Linux 2 : python-crypto (ALASANSIBLE2-2025-012)
It is, therefore, affected by a vulnerability as referenced in the ALAS2ANSIBLE2-2025-012 advisory. lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not...
Linux Distros Unpatched Vulnerability : CVE-2021-40529
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two...
Oracle Linux 8 : libgcrypt (ELSA-2022-9564)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9564 advisory. 1.8.5-7fips - Add API to provide hash calculation in RSA/DSA/ECDSA signature operations Orabug: 33081130 - Change Epoch from 1 to 10 1.8.5-7 - Fix CVE-2021-3356...
Oracle Linux 8 : libgcrypt (ELSA-2022-5311)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-5311 advisory. 1.8.5-7 - Fix CVE-2021-33560 2018525 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus ha...
libgcrypt security update
An update is available for libgcrypt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libgcrypt library provides general-purpose implementations of various...
EulerOS Virtualization 2.10.0 : libgcrypt (EulerOS-SA-2022-1404)
According to the versions of the libgcrypt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two...
Huawei EulerOS: Security Advisory for libgcrypt (EulerOS-SA-2022-1378)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2021-0563 Updated botan2 packages fix security vulnerability
Updated botan2 packages fix security vulnerability: The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the...
MGASA-2021-0468 Updated libcryptopp packages fix security vulnerability
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's...
Updated libgcrypt packages fix security vulnerability
The updated packages fix a security vulnerability: The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defin...
CVE-2021-40529
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the...
ALPINE-CVE-2021-40529
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the...
CVE-2021-40528
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's...
Cross site scripting
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the...
Cross site scripting
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's...
CVE-2021-40529
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the...
CVE-2021-40528
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's...
PT-2021-6020 · Libgcrypt +9 · Libgcrypt +9
Name of the Vulnerable Software and Affected Versions: Libgcrypt versions prior to 1.9.4 Description: The issue is related to the use of a weak cryptographic algorithm in the Libgcrypt library. It affects the ElGamal implementation, allowing plaintext recovery due to a dangerous combination of th...