Lucene search

K

Veracode Vulnerability DatabaseVERACODE:28251

HistoryDec 06, 2020 - 3:37 a.m.

Information Disclosure

2020-12-0603:37:57

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

19

libgcrypt

vulnerability

information disclosure

eddsa

session key

long-term secret key

EPSS

0.004

Percentile

73.7%

Libgcrypt is vulnerable to information disclosure. An attacker who learns the EdDSA session key can recover the long-term secret key.

References

www.debian.org/security/2017/dsa-3880

www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

www.securityfocus.com/bid/99046

bugzilla.suse.com/show_bug.cgi?id=1042326

git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=5a22de904a0a366ae79f03ff1e13a1232a89e26b

git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=f9494b3f258e01b6af8bd3941ce436bcc00afc56

security-tracker.debian.org/tracker/CVE-2017-9526

www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

EPSS

0.004

Percentile

73.7%

Related for VERACODE:28251

openvas4 debian2 nessus6 prion1 osv2 ubuntucve1 debiancve1 nvd1 redhatcve1 cve1 cvelist1 ubuntu1 cloudfoundry1 rosalinux1 photon1 oracle2