VDB
DEBIAN-CVE-2014-3591
DEBIAN-CVE-2014-3591
PUBLISHED
CVSS 4.199999809265137 MEDIUM
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.
Risk Scores
CVSS 3.1
4.199999809265137
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | libgcrypt20 | 0, 0, 0 |
| Debian:12 | libgcrypt20 | 0, 0, 0 |
| Debian:14 | libgcrypt20 | 0, 0, 0 |
| Debian:13 | libgcrypt20 | 0, 0, 0 |
Timeline
- Nov 29, 2019 CVE Published
- Apr 28, 2026 CVE Updated