VulnerableCode Package Details - pkg:deb/debian/libgcrypt11@1.5.0-5%2Bdeb7u4

Search for packages

Vulnerability	Summary	Fixed by
VCID-aab3-a7kh-aaah Aliases: CVE-2013-4242	CVE-2013-4242 GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-aab3-a7kh-aaah
Aliases:
CVE-2013-4242

CVE-2013-4242 GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
VCID-4s5w-7qf5-aaak	The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."	CVE-2015-0837
VCID-aab3-a7kh-aaah	CVE-2013-4242 GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack	CVE-2013-4242
VCID-ke9d-zyem-aaar	Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations.	CVE-2015-7511
VCID-sjza-hk7v-aaag	Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed metal, a different vector than CVE-2013-4576.	CVE-2014-5270
VCID-vx9d-bz2m-aaan	Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.	CVE-2014-3591

Vulnerability

Summary

Aliases

VCID-4s5w-7qf5-aaak

The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."

CVE-2015-0837

VCID-aab3-a7kh-aaah

CVE-2013-4242 GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack

CVE-2013-4242

VCID-ke9d-zyem-aaar

Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations.

CVE-2015-7511

VCID-sjza-hk7v-aaag

Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed metal, a different vector than CVE-2013-4576.

CVE-2014-5270

VCID-vx9d-bz2m-aaan

Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.

CVE-2014-3591

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-21T09:27:55.224056+00:00	Debian Oval Importer	Fixing	VCID-4s5w-7qf5-aaak	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.3
2025-06-21T09:25:21.972200+00:00	Debian Oval Importer	Fixing	VCID-aab3-a7kh-aaah	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.3
2025-06-21T09:22:24.636771+00:00	Debian Oval Importer	Fixing	VCID-sjza-hk7v-aaag	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.3
2025-06-21T09:07:43.762908+00:00	Debian Oval Importer	Fixing	VCID-ke9d-zyem-aaar	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.3
2025-06-21T09:04:35.695517+00:00	Debian Oval Importer	Fixing	VCID-vx9d-bz2m-aaan	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.3
2025-06-20T19:49:57.997236+00:00	Debian Oval Importer	Affected by	VCID-aab3-a7kh-aaah	None	36.1.3
2025-06-20T19:28:48.405931+00:00	Debian Oval Importer	Fixing	VCID-aab3-a7kh-aaah	None	36.1.3
2025-06-20T19:24:25.127165+00:00	Debian Oval Importer	Fixing	VCID-vx9d-bz2m-aaan	None	36.1.3
2025-06-20T19:21:49.209384+00:00	Debian Oval Importer	Fixing	VCID-sjza-hk7v-aaag	None	36.1.3
2025-06-20T19:21:33.234100+00:00	Debian Oval Importer	Fixing	VCID-ke9d-zyem-aaar	None	36.1.3
2025-06-08T03:16:07.544817+00:00	Debian Oval Importer	Fixing	VCID-4s5w-7qf5-aaak	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.0
2025-06-08T03:13:24.067284+00:00	Debian Oval Importer	Fixing	VCID-aab3-a7kh-aaah	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.0
2025-06-08T03:10:16.463212+00:00	Debian Oval Importer	Fixing	VCID-sjza-hk7v-aaag	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.0
2025-06-08T02:54:56.492990+00:00	Debian Oval Importer	Fixing	VCID-ke9d-zyem-aaar	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.0
2025-06-08T02:51:37.996152+00:00	Debian Oval Importer	Fixing	VCID-vx9d-bz2m-aaan	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.0
2025-06-07T13:41:31.120201+00:00	Debian Oval Importer	Affected by	VCID-aab3-a7kh-aaah	None	36.1.0
2025-06-07T13:26:04.700205+00:00	Debian Oval Importer	Fixing	VCID-aab3-a7kh-aaah	None	36.1.0
2025-06-07T13:22:55.510658+00:00	Debian Oval Importer	Fixing	VCID-vx9d-bz2m-aaan	None	36.1.0
2025-06-07T13:21:23.602848+00:00	Debian Oval Importer	Fixing	VCID-sjza-hk7v-aaag	None	36.1.0
2025-06-07T13:21:06.894882+00:00	Debian Oval Importer	Fixing	VCID-ke9d-zyem-aaar	None	36.1.0
2025-06-03T13:25:22.533722+00:00	Debian Oval Importer	Fixing	VCID-aab3-a7kh-aaah	None	36.1.2
2025-06-03T13:22:17.978238+00:00	Debian Oval Importer	Fixing	VCID-vx9d-bz2m-aaan	None	36.1.2
2025-06-03T13:20:47.148658+00:00	Debian Oval Importer	Fixing	VCID-sjza-hk7v-aaag	None	36.1.2
2025-06-03T13:20:31.268900+00:00	Debian Oval Importer	Fixing	VCID-ke9d-zyem-aaar	None	36.1.2
2025-04-08T01:43:31.656259+00:00	Debian Oval Importer	Fixing	VCID-4s5w-7qf5-aaak	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.0.0
2025-04-08T01:40:46.859553+00:00	Debian Oval Importer	Fixing	VCID-aab3-a7kh-aaah	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.0.0
2025-04-08T01:37:37.600921+00:00	Debian Oval Importer	Fixing	VCID-sjza-hk7v-aaag	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.0.0
2025-04-08T01:22:10.249511+00:00	Debian Oval Importer	Fixing	VCID-ke9d-zyem-aaar	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.0.0
2025-04-08T01:18:53.615097+00:00	Debian Oval Importer	Fixing	VCID-vx9d-bz2m-aaan	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.0.0
2025-04-07T12:16:49.858227+00:00	Debian Oval Importer	Affected by	VCID-aab3-a7kh-aaah	None	36.0.0
2025-04-07T12:01:36.023229+00:00	Debian Oval Importer	Fixing	VCID-aab3-a7kh-aaah	None	36.0.0
2025-04-07T11:58:26.695737+00:00	Debian Oval Importer	Fixing	VCID-vx9d-bz2m-aaan	None	36.0.0
2025-04-07T11:56:54.601981+00:00	Debian Oval Importer	Fixing	VCID-sjza-hk7v-aaag	None	36.0.0
2025-04-07T11:56:38.081430+00:00	Debian Oval Importer	Fixing	VCID-ke9d-zyem-aaar	None	36.0.0
2024-10-05T11:42:58.772554+00:00	Debian Oval Importer	Fixing	VCID-aab3-a7kh-aaah	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	34.0.1