CPE-8BC3F4B6-C685-41C5-8664-97524AD9850E Detail

CPE Details

GnuPG Libgcrypt 1.7.9

Vendor

gnupg

Product

libgcrypt

Version

1.7.9

Created

2018-04-18
13h54 +00:00

Modified

2018-04-18
13h54 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:gnupg:libgcrypt:1.7.9:::::::*

Informations

Vendor

gnupg

Product

libgcrypt

Version

1.7.9

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2021-40528	2021-09-05 22h00 +00:00	The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.	5.9	Medium
CVE-2021-33560	2021-06-07 22h00 +00:00	Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.	7.5	High
CVE-2018-0495	2018-06-13 21h00 +00:00	Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.	4.7	Medium
CVE-2018-6829	2018-02-07 22h00 +00:00	cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.	7.5	High
CVE-2017-0379	2017-08-29 20h00 +00:00	Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c.	7.5	High

GnuPG Libgcrypt 1.7.9

CPE Details

CPE Name: cpe:2.3:a:gnupg:libgcrypt:1.7.9:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:gnupg:libgcrypt:1.7.9:::::::*