VDB

DEBIAN-CVE-2014-3591

DEBIAN-CVE-2014-3591 PUBLISHED CVSS 4.199999809265137 MEDIUM

Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.

Risk Scores

CVSS 3.1
4.199999809265137
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersions
Debian:11libgcrypt200, 0, 0
Debian:12libgcrypt200, 0, 0
Debian:14libgcrypt200, 0, 0
Debian:13libgcrypt200, 0, 0

Timeline

  • Nov 29, 2019 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›