Cryptopp Crypto++ 8.9.0

CPE Details

Cryptopp Crypto++ 8.9.0
cryptopp
crypto\+\+
8.9.0
2023-12-29
09h15 +00:00
2023-12-29
09h15 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cryptopp:crypto\+\+:8.9.0:*:*:*:*:*:*:*

Informations

Vendor

cryptopp

Product

crypto\+\+

Version

8.9.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-50979 2023-12-17 23h00 +00:00 Crypto++ (aka cryptopp) through 8.9.0 has a Marvin side channel during decryption with PKCS#1 v1.5 padding.
5.9
Medium
CVE-2023-50980 2023-12-17 23h00 +00:00 gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (application crash) via DER public-key data for an F(2^m) curve, if the degree of each term in the polynomial is not strictly decreasing.
7.5
High
CVE-2023-50981 2023-12-17 23h00 +00:00 ModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (infinite loop) via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853.
7.5
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.