Vulnerabilities > Gnupg > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-01 | CVE-2022-34903 | Injection vulnerability in multiple products GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. | 6.5 |
2021-09-06 | CVE-2021-40528 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Gnupg Libgcrypt The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. | 5.9 |
2019-11-29 | CVE-2015-0837 | Information Exposure Through Discrepancy vulnerability in multiple products The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack." | 5.9 |
2019-11-29 | CVE-2014-3591 | Information Exposure vulnerability in multiple products Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication. | 4.2 |
2019-11-27 | CVE-2011-2207 | Improper Certificate Validation vulnerability in multiple products dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate. | 5.3 |
2019-11-20 | CVE-2015-1607 | Improper Input Validation vulnerability in multiple products kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges." | 5.5 |
2019-11-20 | CVE-2015-1606 | Use After Free vulnerability in multiple products The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file. | 5.5 |
2019-06-20 | CVE-2019-12904 | Exposure of Resource to Wrong Sphere vulnerability in multiple products In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. | 5.9 |
2018-07-26 | CVE-2017-7526 | Cryptographic Issues vulnerability in multiple products libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. | 6.8 |
2018-06-13 | CVE-2018-0495 | Information Exposure Through Discrepancy vulnerability in multiple products Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. | 4.7 |