CVE-2018-6594

lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for PyCrypto's ElGamal implementation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
Affected Products (NVD)
VendorProductVersion
dlitzpycrypto
𝑥
≤ 2.6.1
debiandebian_linux
7.0
canonicalubuntu_linux
12.04
canonicalubuntu_linux
14.04
canonicalubuntu_linux
16.04
canonicalubuntu_linux
17.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
pycryptodome
bookworm
3.11.0+dfsg1-4
fixed
bullseye
3.9.7+dfsg1-1
fixed
jessie
no-dsa
sid
3.20.0+dfsg-3
fixed
stretch
no-dsa
trixie
3.20.0+dfsg-3
fixed
wheezy
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
pycryptodome
artful
ignored
bionic
Fixed 3.4.7-1ubuntu1
released
trusty
dne
xenial
dne
python-crypto
artful
Fixed 2.6.1-7ubuntu0.1
released
bionic
Fixed 2.6.1-8ubuntu2
released
trusty
Fixed 2.6.1-4ubuntu0.3
released
xenial
Fixed 2.6.1-6ubuntu0.16.04.3
released
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
python-crypto-debuginfo
Amazon Linux 1
0:2.6.1-1.15.amzn1
fixed
python-crypto-debugsource
Amazon Linux 2023
0:2.6.1-34.amzn2023.0.2
fixed
python26-crypto
Amazon Linux 1
0:2.6.1-1.15.amzn1
fixed
python27-crypto
Amazon Linux 1
0:2.6.1-1.15.amzn1
fixed
python3-crypto
Amazon Linux 2023
0:2.6.1-34.amzn2023.0.2
fixed
python3-crypto-debuginfo
Amazon Linux 2023
0:2.6.1-34.amzn2023.0.2
fixed