Описание
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for PyCrypto's ElGamal implementation.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | released | 3.4.7-1ubuntu1 |
| devel | released | 3.4.7-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | released | 3.4.7-1ubuntu1 |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 2.6.1-7ubuntu0.1 |
| bionic | released | 2.6.1-8ubuntu2 |
| devel | released | 2.6.1-8ubuntu2 |
| esm-infra-legacy/trusty | released | 2.6.1-4ubuntu0.3 |
| esm-infra/bionic | released | 2.6.1-8ubuntu2 |
| esm-infra/xenial | released | 2.6.1-6ubuntu0.16.04.3 |
| precise/esm | not-affected | 2.4.1-1ubuntu0.3 |
| trusty | released | 2.6.1-4ubuntu0.3 |
| trusty/esm | released | 2.6.1-4ubuntu0.3 |
| upstream | needs-triage |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for PyCrypto's ElGamal implementation.
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for PyCrypto's ElGamal implementation.
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates we ...
Уязвимость пакета, содержащего криптографические алгоритмы и протоколы для Python, Python-crypto, связанная с генерацией слабых ключевых параметров, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным
EPSS
5 Medium
CVSS2
7.5 High
CVSS3