Vulnerabilities > Cryptopp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-30 | CVE-2016-7544 | Resource Management Errors vulnerability in Cryptopp Crypto++ 5.6.4 Crypto++ 5.6.4 incorrectly uses Microsoft's stack-based _malloca and _freea functions. | 7.5 |
| 2016-09-16 | CVE-2016-7420 | Information Exposure vulnerability in Cryptopp Crypto++ Crypto++ (aka cryptopp) through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory after an assertion failure, as demonstrated by reading a core dump. | 5.9 |