mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
1.6 KiB
1.6 KiB
CVE-2021-33560
Description
Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.
POC
Reference
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
Github
- https://github.com/1g-v/DevSec_Docker_lab
- https://github.com/ARPSyndicate/cvemon
- https://github.com/IBM/PGP-client-checker-CVE-2021-33560
- https://github.com/L-ivan7/-.-DevSec_Docker
- https://github.com/PajakAlexandre/wik-dps-tp02
- https://github.com/brandoncamenisch/release-the-code-litecoin
- https://github.com/cdupuis/image-api
- https://github.com/epequeno/devops-demo
- https://github.com/fokypoky/places-list
- https://github.com/kenlavbah/log4jnotes
- https://github.com/leoambrus/CheckersNomisec
- https://github.com/marklogic/marklogic-kubernetes
- https://github.com/mmbazm/secure_license_server
- https://github.com/n0-traces/cve_monitor
- https://github.com/onzack/trivy-multiscanner