CVE-2018-6829

ADVISORY - nist

Summary

cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.

EPSS Score⁠: 0.01266 (0.785)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-327⁠

Use of a Broken or Risky Cryptographic Algorithm

ADVISORY - redhat

CWE-200⁠

Exposure of Sensitive Information to an Unauthorized Actor

Impacted images

Advisories

NIST

CREATED

7 years ago

UPDATED

7 months ago

ADVISORY IDCVE-2018-6829⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

7.5high

Debian

CREATED

7 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2018-6829⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

7 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2018-6829⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5medium

Red Hat

CREATED

7 years ago

UPDATED

3 months ago

ADVISORY IDCVE-2018-6829⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

5.3medium

intheWild

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDCVE-2018-6829⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY