DevGuard Logo

/Devguard
Group
/devguard-action
Repository

Overview
Compliance
Code Risks
Dependency Risks
Dependencies

CVE-2021-33560

Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.

GitHub Logohttps://github.com/l3montree-dev/devguard-action/issues/154
Open
LOW (2.2)
  • logo

    System detected CVE-2021-33560 with a risk of 4.4

    main
  • logo

    System created a ticket for CVE-2021-33560

    main

    Everything after this entry will be synced with the external system. The ticket can be found at https://github.com/l3montree-dev/devguard-action/issues/130

  • logo

    System detected CVE-2021-33560 on another ref: main

    main
  • logo

    System created a ticket for CVE-2021-33560

    main

    Everything after this entry will be synced with the external system. The ticket can be found at undefined

  • logo

    System updated the risk assessment from 4.4 to 2.2

    main

    System recalculated raw risk assessment

Add a comment

Mark as False Positive
Comment will be synced with https://github.com/l3montree-dev/devguard-action/issues/154
Last calculated at:

Affected component

Logo von deb debian/libgcrypt20

Installed version:
1.10.1-3
Fixed in:
no patch available
Show in dependency graph
GitHubImprintTerms of UsePrivacy
Copyright © 2025 L3montree GmbH and the DevGuard Contributors. All rights reserved. Version 667098114b5ef45c7830e7aa599604fa65eb818f