{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35169?format=json","vulnerability_id":"VCID-stxq-tcuq-aud6","summary":"lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for PyCrypto's ElGamal implementation.","aliases":[{"alias":"CVE-2018-6594"},{"alias":"GHSA-6528-wvf6-f6qg"},{"alias":"PYSEC-2018-97"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7701?format=json","purl":"pkg:pypi/pycrypto@2.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-af5m-veyp-cugm"},{"vulnerability":"VCID-stxq-tcuq-aud6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pycrypto@2.6.1"}],"references":[{"reference_url":"https://github.com/advisories/GHSA-6528-wvf6-f6qg","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6528-wvf6-f6qg"},{"reference_url":"https://github.com/dlitz/pycrypto","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/dlitz/pycrypto"},{"reference_url":"https://github.com/dlitz/pycrypto/issues/253","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/dlitz/pycrypto/issues/253"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/pycrypto/PYSEC-2018-97.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/pycrypto/PYSEC-2018-97.yaml"},{"reference_url":"https://github.com/TElgamal/attack-on-pycrypto-elgamal","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/TElgamal/attack-on-pycrypto-elgamal"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/02/msg00018.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/02/msg00018.html"},{"reference_url":"https://security.gentoo.org/glsa/202007-62","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-62"},{"reference_url":"https://usn.ubuntu.com/3616-1","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3616-1"},{"reference_url":"https://usn.ubuntu.com/3616-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3616-1/"},{"reference_url":"https://usn.ubuntu.com/3616-2","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3616-2"},{"reference_url":"https://usn.ubuntu.com/3616-2/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3616-2/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-6594","reference_id":"CVE-2018-6594","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-6594"}],"weaknesses":[{"cwe_id":326,"name":"Inadequate Encryption Strength","description":"The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-stxq-tcuq-aud6"}