VDB

GCVE-VVD-MAGEIA-2021-563

GCVE-VVD-MAGEIA-2021-563
Advisory Published
Vulnetix · Advisory published December 19, 2021
Updated botan2 packages fix security vulnerability: The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP (CVE-2021-40529).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiabotan20 (affected), 2.17.3-2.1.mga8 (unaffected)

Aliases

CVE-2021-40529

Transitive aliases

VVD-GENTOO-2021-811912GHSA-f9qg-252f-g8cgEUVD-2021-27704VVD-GENTOO-2021-811906

References

Updated botan2 packages fix security vulnerability
advisory
Updated botan2 packages fix security vulnerability
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›