Vulnerabilities > Cryptopp > Crypto > 8.6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-18 | CVE-2023-50979 | Information Exposure Through Discrepancy vulnerability in Cryptopp Crypto++ Crypto++ (aka cryptopp) through 8.9.0 has a Marvin side channel during decryption with PKCS#1 v1.5 padding. | 5.9 |
| 2023-12-18 | CVE-2023-50980 | Unspecified vulnerability in Cryptopp Crypto++ gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (application crash) via DER public-key data for an F(2^m) curve, if the degree of each term in the polynomial is not strictly decreasing. | 7.5 |
| 2023-12-18 | CVE-2023-50981 | Infinite Loop vulnerability in Cryptopp Crypto++ ModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (infinite loop) via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853. | 7.5 |
| 2021-11-04 | CVE-2021-43398 | Information Exposure Through Discrepancy vulnerability in Cryptopp Crypto++ Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a timing leakage in MakePublicKey(). | 5.3 |