mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 11:05:39 +02:00
marc
1.5 KiB
1.5 KiB
CVE-2021-33560
Description
Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.
POC
Reference
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
Github
- https://github.com/1g-v/DevSec_Docker_lab
- https://github.com/ARPSyndicate/cvemon
- https://github.com/IBM/PGP-client-checker-CVE-2021-33560
- https://github.com/L-ivan7/-.-DevSec_Docker
- https://github.com/PajakAlexandre/wik-dps-tp02
- https://github.com/brandoncamenisch/release-the-code-litecoin
- https://github.com/cdupuis/image-api
- https://github.com/epequeno/devops-demo
- https://github.com/fokypoky/places-list
- https://github.com/kenlavbah/log4jnotes
- https://github.com/leoambrus/CheckersNomisec
- https://github.com/marklogic/marklogic-kubernetes
- https://github.com/onzack/trivy-multiscanner