Known Vulnerabilities for products from Cryptopp
Listed below are 9 of the newest known vulnerabilities associated with the vendor "Cryptopp".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-43398 | Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a timing leakage in MakePublicKey(). There is a clear correlation between ... | 5.3 - MEDIUM | 2021-11-04 | 2023-11-07 |
| CVE-2021-40530 | The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptogr... | 5.9 - MEDIUM | 2021-09-06 | 2023-11-07 |
| CVE-2019-14318 | Crypto++ 8.3.0 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or remote attack... | 5.9 - MEDIUM | 2019-07-30 | 2019-08-20 |
| CVE-2017-9434 | Crypto++ (aka cryptopp) through 5.6.5 contains an out-of-bounds read vulnerability in zinflate.cpp in the Inflator filter. | 5.3 - MEDIUM | 2017-06-05 | 2023-11-07 |
| CVE-2016-9939 | Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ASN.1 BER decoding routine. The library will allocate a ... | 7.5 - HIGH | 2017-01-30 | 2023-11-07 |
| CVE-2016-7544 | Crypto++ 5.6.4 incorrectly uses Microsoft's stack-based _malloca and _freea functions. The library will request a block of me... | 7.5 - HIGH | 2017-01-30 | 2017-02-07 |
| CVE-2016-7420 | Crypto++ (aka cryptopp) through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the ma... | 5.9 - MEDIUM | 2016-09-16 | 2023-09-28 |
| CVE-2016-3995 | The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ (aka cryp... | 7.5 - HIGH | 2017-02-13 | 2017-03-03 |
| CVE-2015-2141 | The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operati... | 5 - MEDIUM | 2015-07-01 | 2018-10-30 |
Known software with vulnerabilities from Cryptopp
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Cryptopp | Crypto | 5.0 |