2 matches found
SUSE CVE-2021-43398
Crypto++ aka Cryptopp 8.6.0 and earlier contains a timing leakage in MakePublicKey. There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks. NOTE: this...
PT-2021-23829 · Crypto++ · Crypto++
Name of the Vulnerable Software and Affected Versions: Crypto++ aka Cryptopp versions 8.6.0 and earlier Description: The issue concerns a timing leakage in the MakePublicKey function, where there is a correlation between execution time and private key length. This could potentially allow attacker...