Libgcrypt prior to 1.8.8 and 1.9.x prior to 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnupg libgcrypt |
||
debian debian linux 9.0 |
||
fedoraproject fedora 33 |
||
fedoraproject fedora 34 |
||
oracle communications cloud native core network repository function 1.14.0 |
||
oracle communications cloud native core network function cloud native environment 1.9.0 |
||
oracle communications cloud native core network slice selection function 1.8.0 |
||
oracle communications cloud native core network repository function 1.15.0 |
||
oracle communications cloud native core network function cloud native environment 1.10.0 |
||
oracle communications cloud native core service communication proxy 1.15.0 |
||
oracle communications cloud native core network repository function 1.15.1 |
||
oracle communications cloud native core binding support function 1.11.0 |