Vulnerabilities > Gnupg
|2021-09-06||CVE-2021-40528|| Use of a Broken or Risky Cryptographic Algorithm vulnerability in Gnupg Libgcrypt |
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
| 2.6 |
|2021-06-08||CVE-2021-33560|| Information Exposure Through Discrepancy vulnerability in multiple products |
Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately.
| 5.0 |
|2021-01-29||CVE-2021-3345|| Out-of-bounds Write vulnerability in Gnupg Libgcrypt 1.9.0 |
_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value.
| 7.2 |
|2020-09-03||CVE-2020-25125|| Classic Buffer Overflow vulnerability in multiple products |
GnuPG 2.2.21 and 2.2.22 (and Gpg4win 3.1.12) has an array overflow, leading to a crash or possibly unspecified other impact, when a victim imports an attacker's OpenPGP key, and this key has AEAD preferences.
| 6.8 |
|2020-03-20||CVE-2019-14855|| Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products |
A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm.
| 5.0 |
|2020-02-12||CVE-2020-8945|| Use After Free vulnerability in multiple products |
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O.
| 5.1 |
|2019-11-29||CVE-2015-0837|| Information Exposure Through Discrepancy vulnerability in multiple products |
The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."
| 4.3 |
|2019-11-29||CVE-2014-3591|| Information Exposure vulnerability in multiple products |
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.
| 1.9 |
|2019-11-27||CVE-2011-2207|| Improper Certificate Validation vulnerability in multiple products |
dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate.
| 5.0 |
|2019-11-20||CVE-2015-1607|| Improper Input Validation vulnerability in multiple products |
kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges."
| 4.3 |