Vulnerabilities > Gnupg > Libgcrypt

DATE CVE VULNERABILITY TITLE RISK
2021-09-06 CVE-2021-40528 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Gnupg Libgcrypt
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
network
high complexity
gnupg CWE-327
5.9
2021-06-08 CVE-2021-33560 Information Exposure Through Discrepancy vulnerability in multiple products
Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately.
network
low complexity
gnupg debian fedoraproject oracle CWE-203
7.5
2021-01-29 CVE-2021-3345 Out-of-bounds Write vulnerability in multiple products
_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value.
local
low complexity
gnupg oracle CWE-787
7.8
2019-11-29 CVE-2015-0837 Information Exposure Through Discrepancy vulnerability in multiple products
The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."
network
high complexity
gnupg debian CWE-203
5.9
2019-11-29 CVE-2014-3591 Information Exposure vulnerability in multiple products
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.
high complexity
gnupg debian CWE-200
4.2
2019-06-20 CVE-2019-12904 Exposure of Resource to Wrong Sphere vulnerability in multiple products
In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes.
network
high complexity
gnupg opensuse CWE-668
5.9
2018-07-26 CVE-2017-7526 Cryptographic Issues vulnerability in multiple products
libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion.
network
high complexity
gnupg canonical debian CWE-310
6.8
2018-06-13 CVE-2018-0495 Information Exposure Through Discrepancy vulnerability in multiple products
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP.
local
high complexity
gnupg canonical debian redhat oracle CWE-203
4.7
2018-02-07 CVE-2018-6829 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Gnupg Libgcrypt
cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack).
network
low complexity
gnupg CWE-327
7.5
2017-08-29 CVE-2017-0379 Information Exposure vulnerability in multiple products
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c.
network
low complexity
gnupg debian CWE-200
7.5