Описание
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- PatchRelease NotesVendor Advisory
- PatchVendor Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- PatchRelease NotesVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
4.2 Medium
CVSS3
1.9 Low
CVSS2
Дефекты
Связанные уязвимости
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciph ...
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.
EPSS
4.2 Medium
CVSS3
1.9 Low
CVSS2