CVE-2018-6829
ADVISORY - nistSummary
cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.
EPSS Score: 0.00193 (0.576)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Use of a Broken or Risky Cryptographic Algorithm
ADVISORY - redhat
Exposure of Sensitive Information to an Unauthorized Actor
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in