The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-09-06T18:44:47
Updated: 2021-10-05T17:06:19
Reserved: 2021-09-06T00:00:00
Link: CVE-2021-40530
JSON object: View
NVD Information
Status : Modified
Published: 2021-09-06T19:15:07.673
Modified: 2023-11-07T03:38:36.797
Link: CVE-2021-40530
JSON object: View
Redhat Information
No data.
CWE