Search for packages
Package details: pkg:deb/debian/libgcrypt20@1.8.7-6
purl pkg:deb/debian/libgcrypt20@1.8.7-6
Next non-vulnerable version 1.10.1-3
Latest non-vulnerable version 1.10.1-3
Risk 3.4
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-6546-cx94-aaah
Aliases:
CVE-2021-33560
Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.
1.10.1-3
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-2z7d-8u2h-aaaa It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7. CVE-2019-13627
VCID-tegv-r6ak-aaaa The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. CVE-2021-40528

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T19:38:54.392898+00:00 Debian Importer Fixing VCID-2z7d-8u2h-aaaa https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T18:08:41.478627+00:00 Debian Oval Importer Fixing VCID-tegv-r6ak-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T06:18:18.801972+00:00 Debian Oval Importer Fixing VCID-tegv-r6ak-aaaa None 36.1.3
2025-06-21T03:52:46.837491+00:00 Debian Importer Affected by VCID-6546-cx94-aaah None 36.1.3
2025-06-21T02:51:59.040911+00:00 Debian Importer Affected by VCID-6546-cx94-aaah https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T02:08:44.853390+00:00 Debian Oval Importer Fixing VCID-2z7d-8u2h-aaaa None 36.1.3
2025-06-20T22:09:02.621731+00:00 Debian Importer Fixing VCID-2z7d-8u2h-aaaa None 36.1.3
2025-06-08T10:40:09.594213+00:00 Debian Oval Importer Fixing VCID-tegv-r6ak-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-07T23:57:23.231324+00:00 Debian Oval Importer Fixing VCID-tegv-r6ak-aaaa None 36.1.0
2025-06-07T19:32:28.549485+00:00 Debian Oval Importer Fixing VCID-2z7d-8u2h-aaaa None 36.1.0
2025-04-12T20:46:15.486125+00:00 Debian Oval Importer Fixing VCID-2z7d-8u2h-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:21:51.430817+00:00 Debian Oval Importer Fixing VCID-tegv-r6ak-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-07T22:29:35.747878+00:00 Debian Oval Importer Fixing VCID-tegv-r6ak-aaaa None 36.0.0
2025-04-07T18:10:09.488579+00:00 Debian Oval Importer Fixing VCID-2z7d-8u2h-aaaa None 36.0.0
2025-04-05T15:49:17.707834+00:00 Debian Importer Fixing VCID-2z7d-8u2h-aaaa https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-04T06:41:27.223958+00:00 Debian Importer Affected by VCID-6546-cx94-aaah None 36.0.0
2025-04-04T05:38:54.642030+00:00 Debian Importer Affected by VCID-6546-cx94-aaah https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-04T00:47:24.015273+00:00 Debian Importer Fixing VCID-2z7d-8u2h-aaaa None 36.0.0
2025-02-20T01:51:50.778716+00:00 Debian Importer Affected by VCID-6546-cx94-aaah https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-20T01:51:50.109909+00:00 Debian Importer Affected by VCID-6546-cx94-aaah None 35.1.0
2025-02-19T05:59:47.540985+00:00 Debian Importer Fixing VCID-2z7d-8u2h-aaaa None 35.1.0
2025-02-19T05:59:46.835378+00:00 Debian Importer Fixing VCID-2z7d-8u2h-aaaa https://security-tracker.debian.org/tracker/data/json 35.1.0
2024-11-22T19:54:04.852713+00:00 Debian Importer Affected by VCID-6546-cx94-aaah https://security-tracker.debian.org/tracker/data/json 35.0.0
2024-11-22T19:54:04.164777+00:00 Debian Importer Affected by VCID-6546-cx94-aaah None 35.0.0
2024-10-09T18:37:25.461217+00:00 Debian Importer Affected by VCID-6546-cx94-aaah https://security-tracker.debian.org/tracker/data/json 34.0.2
2024-10-09T18:37:24.763856+00:00 Debian Importer Affected by VCID-6546-cx94-aaah None 34.0.2
2024-09-19T03:01:32.147354+00:00 Debian Importer Affected by VCID-6546-cx94-aaah https://security-tracker.debian.org/tracker/data/json 34.0.1
2024-09-19T03:01:31.472860+00:00 Debian Importer Affected by VCID-6546-cx94-aaah None 34.0.1
2024-04-25T01:20:47.159709+00:00 Debian Importer Affected by VCID-6546-cx94-aaah https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-25T01:20:44.797870+00:00 Debian Importer Affected by VCID-6546-cx94-aaah None 34.0.0rc4
2024-04-24T14:12:18.722617+00:00 Debian Importer Fixing VCID-2z7d-8u2h-aaaa https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-24T14:12:17.904721+00:00 Debian Importer Fixing VCID-2z7d-8u2h-aaaa None 34.0.0rc4
2024-01-11T02:21:12.574131+00:00 Debian Importer Affected by VCID-6546-cx94-aaah https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-11T02:21:10.124203+00:00 Debian Importer Affected by VCID-6546-cx94-aaah None 34.0.0rc2
2024-01-10T16:56:04.945511+00:00 Debian Importer Fixing VCID-2z7d-8u2h-aaaa https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-10T16:56:04.024264+00:00 Debian Importer Fixing VCID-2z7d-8u2h-aaaa None 34.0.0rc2
2024-01-04T14:41:17.090911+00:00 Debian Importer Affected by VCID-6546-cx94-aaah https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-04T14:41:14.680506+00:00 Debian Importer Affected by VCID-6546-cx94-aaah None 34.0.0rc1
2024-01-04T06:37:04.224627+00:00 Debian Importer Fixing VCID-2z7d-8u2h-aaaa https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-04T06:37:03.322489+00:00 Debian Importer Fixing VCID-2z7d-8u2h-aaaa None 34.0.0rc1