Skip to main content

Libgcrypt

13 CVEs product

Monthly

CVE-2026-41989 MEDIUM PATCH This Month

Heap-based buffer overflow in Libgcrypt before 1.12.2 allows local attackers to trigger denial of service and corrupt memory via crafted ECDH ciphertext passed to gcry_pk_decrypt, affecting cryptographic operations in dependent applications including GnuPG. No public exploit code or active exploitation has been identified at time of analysis; vendor has released patched versions 1.10.4, 1.11.3, and 1.12.2 to resolve the vulnerability.

Buffer Overflow Memory Corruption Denial Of Service Libgcrypt
NVD VulDB
CVSS 3.1
6.7
EPSS
0.0%
CVE-2021-40528 MEDIUM POC This Month

The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Libgcrypt
NVD
CVSS 3.1
5.9
EPSS
1.4%
CVE-2021-33560 HIGH PATCH This Week

Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Libgcrypt Debian Linux Fedora Communications Cloud Native Core Binding Support Function +4
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2021-3345 HIGH PATCH This Week

_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Libgcrypt Communications Billing And Revenue Management
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2019-12904 MEDIUM PATCH This Month

In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Information Disclosure Libgcrypt Leap
NVD GitHub
CVSS 3.1
5.9
EPSS
2.1%
CVE-2018-0495 MEDIUM POC PATCH This Month

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the. Rated medium severity (CVSS 4.7). Public exploit code available.

Information Disclosure Libgcrypt Ubuntu Linux Debian Linux Ansible Tower +4
NVD
CVSS 3.0
4.7
EPSS
0.9%
CVE-2018-6829 HIGH POC This Week

cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libgcrypt
NVD GitHub
CVSS 3.0
7.5
EPSS
1.8%
CVE-2017-0379 HIGH PATCH This Week

Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Libgcrypt Debian Linux
NVD
CVSS 3.0
7.5
EPSS
1.9%
CVE-2017-9526 MEDIUM PATCH This Month

In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Libgcrypt
NVD
CVSS 3.0
5.9
EPSS
0.7%
CVE-2016-6313 MEDIUM This Month

The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Libgcrypt Debian Linux Ubuntu Linux Gnupg
NVD
CVSS 3.0
5.3
EPSS
3.2%
CVE-2015-7511 LOW Monitor

Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring. Rated low severity (CVSS 2.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Libgcrypt Debian Linux Ubuntu Linux
NVD
CVSS 3.0
2.0
EPSS
0.0%
CVE-2014-5270 LOW PATCH Monitor

Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Libgcrypt Debian Linux
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2013-4242 LOW Monitor

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3. Rated low severity (CVSS 1.9). No vendor patch available.

Information Disclosure Ubuntu Linux Debian Linux Gnupg Libgcrypt +1
NVD
CVSS 2.0
1.9
EPSS
0.1%
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Heap-based buffer overflow in Libgcrypt before 1.12.2 allows local attackers to trigger denial of service and corrupt memory via crafted ECDH ciphertext passed to gcry_pk_decrypt, affecting cryptographic operations in dependent applications including GnuPG. No public exploit code or active exploitation has been identified at time of analysis; vendor has released patched versions 1.10.4, 1.11.3, and 1.12.2 to resolve the vulnerability.

Buffer Overflow Memory Corruption Denial Of Service +1
NVD VulDB
EPSS 1% CVSS 5.9
MEDIUM POC This Month

The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Libgcrypt
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Libgcrypt Debian Linux +6
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Libgcrypt +1
NVD
EPSS 2% CVSS 5.9
MEDIUM PATCH This Month

In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Information Disclosure Libgcrypt Leap
NVD GitHub
EPSS 1% CVSS 4.7
MEDIUM POC PATCH This Month

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the. Rated medium severity (CVSS 4.7). Public exploit code available.

Information Disclosure Libgcrypt Ubuntu Linux +6
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libgcrypt
NVD GitHub
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Libgcrypt Debian Linux
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Libgcrypt
NVD
EPSS 3% CVSS 5.3
MEDIUM This Month

The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Libgcrypt Debian Linux +2
NVD
EPSS 0% CVSS 2.0
LOW Monitor

Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring. Rated low severity (CVSS 2.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Libgcrypt Debian Linux +1
NVD
EPSS 0% CVSS 2.1
LOW PATCH Monitor

Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Libgcrypt Debian Linux
NVD
EPSS 0% CVSS 1.9
LOW Monitor

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3. Rated low severity (CVSS 1.9). No vendor patch available.

Information Disclosure Ubuntu Linux Debian Linux +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy