Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-1s7v-ch36-tbga

Summary

A vulnerability in Libgcrypt could allow a remote attacker to
    extract ElGamal private key information.

Aliases

alias	CVE-2014-5270

Fixed_packages

url pkg:deb/debian/gnupg@1.4.12-7%2Bdeb7u7

purl pkg:deb/debian/gnupg@1.4.12-7%2Bdeb7u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tpu-zawb-f3as

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-xcyv-byj5-8fb3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg@1.4.12-7%252Bdeb7u7

url	pkg:deb/debian/libgcrypt11@1.5.0-5%2Bdeb7u4
purl	pkg:deb/debian/libgcrypt11@1.5.0-5%2Bdeb7u4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt11@1.5.0-5%252Bdeb7u4

url	pkg:deb/debian/libgcrypt20@1.6.0-2?distro=trixie
purl	pkg:deb/debian/libgcrypt20@1.6.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.6.0-2%3Fdistro=trixie

url pkg:deb/debian/libgcrypt20@1.8.7-6?distro=trixie

purl pkg:deb/debian/libgcrypt20@1.8.7-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ym4a-3eek-9qch

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.8.7-6%3Fdistro=trixie

url	pkg:deb/debian/libgcrypt20@1.10.1-3?distro=trixie
purl	pkg:deb/debian/libgcrypt20@1.10.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.10.1-3%3Fdistro=trixie

url	pkg:deb/debian/libgcrypt20@1.11.0-7?distro=trixie
purl	pkg:deb/debian/libgcrypt20@1.11.0-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.11.0-7%3Fdistro=trixie

url	pkg:deb/debian/libgcrypt20@1.12.1-2?distro=trixie
purl	pkg:deb/debian/libgcrypt20@1.12.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.12.1-2%3Fdistro=trixie

url	pkg:ebuild/dev-libs/libgcrypt@1.5.4
purl	pkg:ebuild/dev-libs/libgcrypt@1.5.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libgcrypt@1.5.4

Affected_packages

url pkg:deb/debian/gnupg@1.0.6-4woody3

purl pkg:deb/debian/gnupg@1.0.6-4woody3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1s7v-ch36-tbga

vulnerability	VCID-3jt3-2y11-yuc5

vulnerability	VCID-5tpu-zawb-f3as

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-je5v-d5ua-6fhz

vulnerability	VCID-mhw6-1d6f-pbcp

vulnerability	VCID-n3bv-fbnu-2bcx

vulnerability	VCID-neaz-j69u-kfh6

vulnerability	VCID-uf47-ymx9-kycg

vulnerability	VCID-vmyv-5rvk-akh3

vulnerability	VCID-xcyv-byj5-8fb3

vulnerability	VCID-zytz-gsnc-yqh9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg@1.0.6-4woody3

url pkg:deb/debian/gnupg@1.4.1-1.sarge7

purl pkg:deb/debian/gnupg@1.4.1-1.sarge7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1s7v-ch36-tbga

vulnerability	VCID-3jt3-2y11-yuc5

vulnerability	VCID-5tpu-zawb-f3as

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-je5v-d5ua-6fhz

vulnerability	VCID-mhw6-1d6f-pbcp

vulnerability	VCID-n3bv-fbnu-2bcx

vulnerability	VCID-neaz-j69u-kfh6

vulnerability	VCID-uf47-ymx9-kycg

vulnerability	VCID-vmyv-5rvk-akh3

vulnerability	VCID-xcyv-byj5-8fb3

vulnerability	VCID-zytz-gsnc-yqh9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg@1.4.1-1.sarge7

url pkg:deb/debian/gnupg@1.4.6-2

purl pkg:deb/debian/gnupg@1.4.6-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1s7v-ch36-tbga

vulnerability	VCID-3jt3-2y11-yuc5

vulnerability	VCID-5tpu-zawb-f3as

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-je5v-d5ua-6fhz

vulnerability	VCID-mhw6-1d6f-pbcp

vulnerability	VCID-n3bv-fbnu-2bcx

vulnerability	VCID-neaz-j69u-kfh6

vulnerability	VCID-uf47-ymx9-kycg

vulnerability	VCID-vmyv-5rvk-akh3

vulnerability	VCID-xcyv-byj5-8fb3

vulnerability	VCID-zytz-gsnc-yqh9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg@1.4.6-2

url pkg:deb/debian/gnupg@1.4.6-2%2Betch1

purl pkg:deb/debian/gnupg@1.4.6-2%2Betch1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1s7v-ch36-tbga

vulnerability	VCID-3jt3-2y11-yuc5

vulnerability	VCID-5tpu-zawb-f3as

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-je5v-d5ua-6fhz

vulnerability	VCID-mhw6-1d6f-pbcp

vulnerability	VCID-n3bv-fbnu-2bcx

vulnerability	VCID-neaz-j69u-kfh6

vulnerability	VCID-uf47-ymx9-kycg

vulnerability	VCID-vmyv-5rvk-akh3

vulnerability	VCID-xcyv-byj5-8fb3

vulnerability	VCID-zytz-gsnc-yqh9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg@1.4.6-2%252Betch1

url pkg:deb/debian/gnupg@1.4.9-3%2Blenny1

purl pkg:deb/debian/gnupg@1.4.9-3%2Blenny1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1s7v-ch36-tbga

vulnerability	VCID-3jt3-2y11-yuc5

vulnerability	VCID-5tpu-zawb-f3as

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-je5v-d5ua-6fhz

vulnerability	VCID-mhw6-1d6f-pbcp

vulnerability	VCID-n3bv-fbnu-2bcx

vulnerability	VCID-neaz-j69u-kfh6

vulnerability	VCID-uf47-ymx9-kycg

vulnerability	VCID-vmyv-5rvk-akh3

vulnerability	VCID-xcyv-byj5-8fb3

vulnerability	VCID-zytz-gsnc-yqh9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg@1.4.9-3%252Blenny1

url pkg:deb/debian/gnupg@1.4.10-4%2Bsqueeze4

purl pkg:deb/debian/gnupg@1.4.10-4%2Bsqueeze4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1s7v-ch36-tbga

vulnerability	VCID-3jt3-2y11-yuc5

vulnerability	VCID-5tpu-zawb-f3as

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-je5v-d5ua-6fhz

vulnerability	VCID-mhw6-1d6f-pbcp

vulnerability	VCID-n3bv-fbnu-2bcx

vulnerability	VCID-neaz-j69u-kfh6

vulnerability	VCID-uf47-ymx9-kycg

vulnerability	VCID-vmyv-5rvk-akh3

vulnerability	VCID-xcyv-byj5-8fb3

vulnerability	VCID-zytz-gsnc-yqh9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg@1.4.10-4%252Bsqueeze4

url pkg:deb/debian/gnupg@1.4.10-4%2Bsqueeze7

purl pkg:deb/debian/gnupg@1.4.10-4%2Bsqueeze7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1s7v-ch36-tbga

vulnerability	VCID-3jt3-2y11-yuc5

vulnerability	VCID-5tpu-zawb-f3as

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-je5v-d5ua-6fhz

vulnerability	VCID-mhw6-1d6f-pbcp

vulnerability	VCID-n3bv-fbnu-2bcx

vulnerability	VCID-neaz-j69u-kfh6

vulnerability	VCID-uf47-ymx9-kycg

vulnerability	VCID-vmyv-5rvk-akh3

vulnerability	VCID-xcyv-byj5-8fb3

vulnerability	VCID-zytz-gsnc-yqh9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg@1.4.10-4%252Bsqueeze7

url pkg:deb/debian/gnupg@1.4.12-7%2Bdeb7u4

purl pkg:deb/debian/gnupg@1.4.12-7%2Bdeb7u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1s7v-ch36-tbga

vulnerability	VCID-3jt3-2y11-yuc5

vulnerability	VCID-5tpu-zawb-f3as

vulnerability	VCID-9cm4-mu3q-2yey

vulnerability	VCID-je5v-d5ua-6fhz

vulnerability	VCID-n3bv-fbnu-2bcx

vulnerability	VCID-xcyv-byj5-8fb3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg@1.4.12-7%252Bdeb7u4

url pkg:deb/debian/libgcrypt11@1.2.0-11.1

purl pkg:deb/debian/libgcrypt11@1.2.0-11.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1s7v-ch36-tbga

vulnerability	VCID-cbwg-mywq-y7af

vulnerability	VCID-je5v-d5ua-6fhz

vulnerability	VCID-n3bv-fbnu-2bcx

vulnerability	VCID-uf47-ymx9-kycg

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt11@1.2.0-11.1

url pkg:deb/debian/libgcrypt11@1.2.3-2

purl pkg:deb/debian/libgcrypt11@1.2.3-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1s7v-ch36-tbga

vulnerability	VCID-cbwg-mywq-y7af

vulnerability	VCID-je5v-d5ua-6fhz

vulnerability	VCID-n3bv-fbnu-2bcx

vulnerability	VCID-uf47-ymx9-kycg

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt11@1.2.3-2

url pkg:deb/debian/libgcrypt11@1.4.1-1

purl pkg:deb/debian/libgcrypt11@1.4.1-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1s7v-ch36-tbga

vulnerability	VCID-cbwg-mywq-y7af

vulnerability	VCID-je5v-d5ua-6fhz

vulnerability	VCID-n3bv-fbnu-2bcx

vulnerability	VCID-uf47-ymx9-kycg

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt11@1.4.1-1

url pkg:deb/debian/libgcrypt11@1.4.5-2%2Bsqueeze1

purl pkg:deb/debian/libgcrypt11@1.4.5-2%2Bsqueeze1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1s7v-ch36-tbga

vulnerability	VCID-cbwg-mywq-y7af

vulnerability	VCID-je5v-d5ua-6fhz

vulnerability	VCID-n3bv-fbnu-2bcx

vulnerability	VCID-uf47-ymx9-kycg

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt11@1.4.5-2%252Bsqueeze1

url pkg:deb/debian/libgcrypt11@1.4.5-2%2Bsqueeze3

purl pkg:deb/debian/libgcrypt11@1.4.5-2%2Bsqueeze3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1s7v-ch36-tbga

vulnerability	VCID-cbwg-mywq-y7af

vulnerability	VCID-je5v-d5ua-6fhz

vulnerability	VCID-n3bv-fbnu-2bcx

vulnerability	VCID-uf47-ymx9-kycg

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt11@1.4.5-2%252Bsqueeze3

References

reference_url	http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000352.html
reference_id
reference_type
scores
url	http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000352.html

reference_url	http://openwall.com/lists/oss-security/2014/08/16/2
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2014/08/16/2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5270.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5270.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-5270

reference_id

reference_type

scores

value	0.00072
scoring_system	epss
scoring_elements	0.22
published_at	2026-04-18T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21967
published_at	2026-04-01T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.22125
published_at	2026-04-02T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.22174
published_at	2026-04-04T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21957
published_at	2026-04-07T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.22038
published_at	2026-04-08T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.22093
published_at	2026-04-09T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.22109
published_at	2026-04-11T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.22067
published_at	2026-04-12T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.22008
published_at	2026-04-13T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.22006
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-5270

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5270
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5270

reference_url	http://www.cs.tau.ac.il/~tromer/handsoff/
reference_id
reference_type
scores
url	http://www.cs.tau.ac.il/~tromer/handsoff/

reference_url	http://www.debian.org/security/2014/dsa-3024
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3024

reference_url	http://www.debian.org/security/2014/dsa-3073
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3073

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1128531
reference_id	1128531
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1128531

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt::::::::
reference_id	cpe:2.3:a:gnupg:libgcrypt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:1.4.0:::::::*
reference_id	cpe:2.3:a:gnupg:libgcrypt:1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:1.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:1.4.3:::::::*
reference_id	cpe:2.3:a:gnupg:libgcrypt:1.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:1.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:1.4.4:::::::*
reference_id	cpe:2.3:a:gnupg:libgcrypt:1.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:1.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:1.4.5:::::::*
reference_id	cpe:2.3:a:gnupg:libgcrypt:1.4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:1.4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:1.4.6:::::::*
reference_id	cpe:2.3:a:gnupg:libgcrypt:1.4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:1.4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:1.5.0:::::::*
reference_id	cpe:2.3:a:gnupg:libgcrypt:1.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:1.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:1.5.1:::::::*
reference_id	cpe:2.3:a:gnupg:libgcrypt:1.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:1.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:1.5.2:::::::*
reference_id	cpe:2.3:a:gnupg:libgcrypt:1.5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:1.5.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-5270

reference_id

CVE-2014-5270

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2014-5270

reference_url	https://security.gentoo.org/glsa/201408-10
reference_id	GLSA-201408-10
reference_type
scores
url	https://security.gentoo.org/glsa/201408-10

reference_url	https://usn.ubuntu.com/2339-1/
reference_id	USN-2339-1
reference_type
scores
url	https://usn.ubuntu.com/2339-1/

reference_url	https://usn.ubuntu.com/2339-2/
reference_id	USN-2339-2
reference_type
scores
url	https://usn.ubuntu.com/2339-2/

reference_url	https://usn.ubuntu.com/2554-1/
reference_id	USN-2554-1
reference_type
scores
url	https://usn.ubuntu.com/2554-1/

Weaknesses

cwe_id	200
name	Exposure of Sensitive Information to an Unauthorized Actor
description	The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Exploits

Severity_range_score 2.1 - 2.1

Exploitability 0.5

Weighted_severity 1.9

Risk_score 0.9

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1s7v-ch36-tbga

Vulnerability Instance