lib/Crypto/PublicKey/ElGamal.py in PyCrypto up to and including 2.6.1 generates weak ElGamal key parameters, which allows malicious users to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in the face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for PyCrypto's ElGamal implementation.
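A parameter check a defender can run against the `p` and `g` of an existing ElGamal key, given here as an added example; it is not PyCrypto's code and not part of the advisory. It assumes the textbook condition for DDH in Z_p^*, which the advisory does not spell out: `p` is a safe prime `p = 2q + 1` and `g` generates the order-`q` subgroup. The function names and the toy values (`p = 23`, `g = 5`, `g = 4`) are constructed for illustration.

```python
# Added example: audit ElGamal domain parameters (p, g) for the subgroup
# condition under which DDH is believed to hold. Standard library only.

_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_probable_prime(n):
    """Miller-Rabin with fixed bases (probabilistic for very large n)."""
    if n < 2:
        return False
    for b in _BASES:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def check_elgamal_params(p, g):
    """Return a list of findings; an empty list means the check passed."""
    q = (p - 1) // 2
    if not (is_probable_prime(p) and is_probable_prime(q)):
        return ["p is not a safe prime (p = 2q + 1 with q prime)"]
    if not 1 < g < p - 1:
        return ["g is outside the range 2..p-2"]
    if pow(g, q, p) != 1:
        # g generates all of Z_p^*: whether g^x is a quadratic residue is
        # publicly computable, so ciphertexts are not semantically secure.
        return ["g is not in the order-q subgroup; DDH does not hold"]
    return []

if __name__ == "__main__":
    # Constructed toy parameters: 23 = 2*11 + 1 is a safe prime.
    for g in (5, 4):
        print("p=23 g=%d ->" % g, check_elgamal_params(23, g) or "ok")
```

For a real key, pass the key object's `p` and `g` integers; any finding means the key should be regenerated with a maintained library rather than reused.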
| Vulnerable Product |
|---|
| dlitz pycrypto |
| debian debian linux 7.0 |
| canonical ubuntu linux 12.04 |
| canonical ubuntu linux 14.04 |
| canonical ubuntu linux 16.04 |
| canonical ubuntu linux 17.10 |