Known Vulnerabilities for Libgcrypt by Gnupg
Listed below are 10 of the newest known vulnerabilities associated with "Libgcrypt" by "Gnupg".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-40528 | The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two crypto... | 5.9 - MEDIUM | 2021-09-06 | 2023-11-07 |
| CVE-2021-33560 | Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a s... | 7.5 - HIGH | 2021-06-08 | 2023-11-07 |
| CVE-2021-3345 | _gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest fina... | 7.8 - HIGH | 2021-01-29 | 2023-11-07 |
| CVE-2019-12904 | ** DISPUTED ** In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack becaus... | 5.9 - MEDIUM | 2019-06-20 | 2023-11-07 |
| CVE-2018-6829 | cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which all... | 7.5 - HIGH | 2018-02-07 | 2020-01-15 |
| CVE-2018-0495 | Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be miti... | 4.7 - MEDIUM | 2018-06-13 | 2023-11-07 |
| CVE-2017-9526 | In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing pro... | 5.9 - MEDIUM | 2017-06-11 | 2023-11-07 |
| CVE-2017-7526 | libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while... | 6.8 - MEDIUM | 2018-07-26 | 2023-11-07 |
| CVE-2017-0379 | Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to dis... | 7.5 - HIGH | 2017-08-29 | 2023-11-07 |
| CVE-2016-6313 | The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and... | 5.3 - MEDIUM | 2016-12-13 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Gnupg | Libgcrypt | 1.9.1 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.9.0 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.8.4 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.8.3 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.8.2 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.8.1 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.8.0 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.7.9 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.7.8 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.7.7 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.7.6 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.7.5 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.7.4 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.7.3 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.7.2 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.7.10 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.7.1 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.7.0 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.6.6 | All | All | All |
| Application | Gnupg | Libgcrypt | 1.6.5 | All | All | All |