Vulnerabilities > Cryptopp > Crypto > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-18 | CVE-2023-50980 | Unspecified vulnerability in Cryptopp Crypto++ gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (application crash) via DER public-key data for an F(2^m) curve, if the degree of each term in the polynomial is not strictly decreasing. | 7.5 |
2023-12-18 | CVE-2023-50981 | Infinite Loop vulnerability in Cryptopp Crypto++ ModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (infinite loop) via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853. | 7.5 |
2023-08-22 | CVE-2022-48570 | Out-of-bounds Write vulnerability in Cryptopp Crypto++ Crypto++ through 8.4 contains a timing side channel in ECDSA signature generation. | 7.5 |
2017-01-30 | CVE-2016-9939 | Improper Input Validation vulnerability in multiple products Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ASN.1 BER decoding routine. | 7.5 |