Cryptopp Crypto++ 8.4.0

CPE Details

Cryptopp Crypto++ 8.4.0
8.4.0
2021-11-05
12h19 +00:00
2021-11-09
19h36 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cryptopp:crypto\+\+:8.4.0:*:*:*:*:*:*:*

Informations

Vendor

cryptopp

Product

crypto\+\+

Version

8.4.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-50979 2023-12-17 23h00 +00:00 Crypto++ (aka cryptopp) through 8.9.0 has a Marvin side channel during decryption with PKCS#1 v1.5 padding.
5.9
Medium
CVE-2023-50980 2023-12-17 23h00 +00:00 gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (application crash) via DER public-key data for an F(2^m) curve, if the degree of each term in the polynomial is not strictly decreasing.
7.5
High
CVE-2023-50981 2023-12-17 23h00 +00:00 ModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (infinite loop) via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853.
7.5
High
CVE-2022-48570 2023-08-21 22h00 +00:00 Crypto++ through 8.4 contains a timing side channel in ECDSA signature generation. Function FixedSizeAllocatorWithCleanup could write to memory outside of the allocation if the allocated memory was not 16-byte aligned. NOTE: this issue exists because the CVE-2019-14318 fix was intentionally removed for functionality reasons.
7.5
High
CVE-2021-43398 2021-11-04 19h06 +00:00 Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a timing leakage in MakePublicKey(). There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks. NOTE: this report is disputed by the vendor and multiple third parties. The execution-time differences are intentional. A user may make a choice of a longer key as a tradeoff between strength and performance. In making this choice, the amount of information leaked to an adversary is of infinitesimal value
5.3
Medium
CVE-2021-40530 2021-09-06 16h44 +00:00 The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
5.9
Medium