Lucene search
GoogleOSV:CVE-2023-50980HistoryDec 18, 2023 - 4:15 a.m.
CVE-2023-50980
2023-12-1804:15:51
Google
osv.dev
6
crypto++
dos
der
public-key
f(2^m)
curve
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.7
Confidence
High
EPSS
0.001
Percentile
17.0%
gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (application crash) via DER public-key data for an F(2^m) curve, if the degree of each term in the polynomial is not strictly decreasing.
References
Related
prion
prion
Command injection
2023-12-18 04:15:00
cvelist
cvelist
CVE-2023-50980
2023-12-18 00:00:00
nessus
nessus
openSUSE 15 Security Update : libcryptopp (SUSE-SU-2023:4957-1)
2023-12-22 00:00:00
cve
cve
CVE-2023-50980
2023-12-18 04:15:51
openvas
openvas
openSUSE: Security Advisory for libcryptopp (SUSE-SU-2023:4957-1)
2024-03-04 00:00:00
openSUSE: Security Advisory for libcryptopp (SUSE-SU-2024:0030-1)
2024-03-04 00:00:00
osv
osv
libcryptopp-devel-8.9.0-1.1 on GA media
2024-06-15 00:00:00
ubuntucve
ubuntucve
CVE-2023-50980
2023-12-18 00:00:00
nvd
nvd
CVE-2023-50980
2023-12-18 04:15:51
debiancve
debiancve
CVE-2023-50980
2023-12-18 04:15:51
veracode
veracode
Denial Of Service (DoS)
2023-12-19 08:14:22
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.7
Confidence
High
EPSS
0.001
Percentile
17.0%
Related for OSV:CVE-2023-50980