Search for packages
| purl | pkg:deb/debian/libgcrypt20@1.8.4-5%2Bdeb10u1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2z7d-8u2h-aaaa
Aliases: CVE-2019-13627 |
It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7. |
Affected by 1 other vulnerability. |
|
VCID-6546-cx94-aaah
Aliases: CVE-2021-33560 |
Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP. |
Affected by 0 other vulnerabilities. |
|
VCID-tegv-r6ak-aaaa
Aliases: CVE-2021-40528 |
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-tegv-r6ak-aaaa | The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. |
CVE-2021-40528
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-22T07:05:51.124121+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T19:38:54.390523+00:00 | Debian Importer | Affected by | VCID-2z7d-8u2h-aaaa | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T18:08:41.476445+00:00 | Debian Oval Importer | Affected by | VCID-tegv-r6ak-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T15:15:55.830237+00:00 | Debian Oval Importer | Fixing | VCID-tegv-r6ak-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T06:18:18.799999+00:00 | Debian Oval Importer | Affected by | VCID-tegv-r6ak-aaaa | None | 36.1.3 |
| 2025-06-21T03:52:46.835168+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | None | 36.1.3 |
| 2025-06-21T02:08:44.851200+00:00 | Debian Oval Importer | Affected by | VCID-2z7d-8u2h-aaaa | None | 36.1.3 |
| 2025-06-20T22:09:02.619586+00:00 | Debian Importer | Affected by | VCID-2z7d-8u2h-aaaa | None | 36.1.3 |
| 2025-06-20T21:19:40.650850+00:00 | Debian Oval Importer | Fixing | VCID-tegv-r6ak-aaaa | None | 36.1.3 |
| 2025-06-08T10:40:09.592571+00:00 | Debian Oval Importer | Affected by | VCID-tegv-r6ak-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T08:09:44.417053+00:00 | Debian Oval Importer | Fixing | VCID-tegv-r6ak-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-07T23:57:23.229514+00:00 | Debian Oval Importer | Affected by | VCID-tegv-r6ak-aaaa | None | 36.1.0 |
| 2025-06-07T19:32:28.547570+00:00 | Debian Oval Importer | Affected by | VCID-2z7d-8u2h-aaaa | None | 36.1.0 |
| 2025-06-07T14:43:17.297216+00:00 | Debian Oval Importer | Fixing | VCID-tegv-r6ak-aaaa | None | 36.1.0 |
| 2025-04-12T20:46:15.481190+00:00 | Debian Oval Importer | Affected by | VCID-2z7d-8u2h-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:21:51.425886+00:00 | Debian Oval Importer | Affected by | VCID-tegv-r6ak-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T06:41:43.192336+00:00 | Debian Oval Importer | Fixing | VCID-tegv-r6ak-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-07T22:29:35.742564+00:00 | Debian Oval Importer | Affected by | VCID-tegv-r6ak-aaaa | None | 36.0.0 |
| 2025-04-07T18:10:09.482708+00:00 | Debian Oval Importer | Affected by | VCID-2z7d-8u2h-aaaa | None | 36.0.0 |
| 2025-04-07T13:15:15.821053+00:00 | Debian Oval Importer | Fixing | VCID-tegv-r6ak-aaaa | None | 36.0.0 |
| 2025-04-06T00:45:08.496711+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-05T15:49:17.702644+00:00 | Debian Importer | Affected by | VCID-2z7d-8u2h-aaaa | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-04-04T06:41:27.219546+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | None | 36.0.0 |
| 2025-04-04T00:47:24.010254+00:00 | Debian Importer | Affected by | VCID-2z7d-8u2h-aaaa | None | 36.0.0 |
| 2025-02-20T01:51:50.772856+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2025-02-20T01:51:50.103931+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | None | 35.1.0 |
| 2025-02-19T05:59:47.536780+00:00 | Debian Importer | Affected by | VCID-2z7d-8u2h-aaaa | None | 35.1.0 |
| 2025-02-19T05:59:46.830872+00:00 | Debian Importer | Affected by | VCID-2z7d-8u2h-aaaa | https://security-tracker.debian.org/tracker/data/json | 35.1.0 |
| 2024-11-22T19:54:04.848374+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-11-22T19:54:04.159560+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | None | 35.0.0 |
| 2024-10-09T18:37:25.455862+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-10-09T18:37:24.758953+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | None | 34.0.2 |
| 2024-09-19T03:01:32.141729+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |
| 2024-09-19T03:01:31.468090+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | None | 34.0.1 |
| 2024-04-25T01:20:47.154305+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-04-25T01:20:44.793032+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | None | 34.0.0rc4 |
| 2024-04-24T14:12:18.717863+00:00 | Debian Importer | Affected by | VCID-2z7d-8u2h-aaaa | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-04-24T14:12:17.900005+00:00 | Debian Importer | Affected by | VCID-2z7d-8u2h-aaaa | None | 34.0.0rc4 |
| 2024-01-11T02:21:12.569850+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc2 |
| 2024-01-11T02:21:10.118888+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | None | 34.0.0rc2 |
| 2024-01-10T16:56:04.940610+00:00 | Debian Importer | Affected by | VCID-2z7d-8u2h-aaaa | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc2 |
| 2024-01-10T16:56:04.019488+00:00 | Debian Importer | Affected by | VCID-2z7d-8u2h-aaaa | None | 34.0.0rc2 |
| 2024-01-04T14:41:17.086132+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc1 |
| 2024-01-04T14:41:14.675751+00:00 | Debian Importer | Affected by | VCID-6546-cx94-aaah | None | 34.0.0rc1 |
| 2024-01-04T06:37:04.220484+00:00 | Debian Importer | Affected by | VCID-2z7d-8u2h-aaaa | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc1 |
| 2024-01-04T06:37:03.318284+00:00 | Debian Importer | Affected by | VCID-2z7d-8u2h-aaaa | None | 34.0.0rc1 |