Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2021/11/04 9:15 p.m.8 views

CVE-2021-43398

Crypto++ aka Cryptopp 8.6.0 and earlier contains a timing leakage in MakePublicKey. There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks. NOTE: this...

5.3CVSS0.00423EPSS
Exploits1References3
Prion
Prionadded 2021/11/04 9:15 p.m.11 views

Information disclosure

DISPUTED Crypto++ aka Cryptopp 8.6.0 and earlier contains a timing leakage in MakePublicKey. There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks...

5CVSS5.2AI score0.00423EPSS
Exploits1References3Affected Software1
OSV
OSVadded 2021/11/04 9:15 p.m.0 views

UBUNTU-CVE-2021-43398

DISPUTED Crypto++ aka Cryptopp 8.6.0 and earlier contains a timing leakage in MakePublicKey. There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks...

5.3CVSS6.2AI score0.00423EPSS
Exploits1References4
UbuntuCve
UbuntuCveadded 2021/11/04 9:15 p.m.20 views

CVE-2021-43398

Crypto++ aka Cryptopp 8.6.0 and earlier contains a timing leakage in MakePublicKey. There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks. NOTE: this...

5.3CVSS6.3AI score0.00423EPSS
Exploits1References3
Debian CVE
Debian CVEadded 2021/11/04 8:6 p.m.14 views

CVE-2021-43398

Removed by vendor...

5.3CVSS5.6AI score0.00423EPSS
Exploits1
CVE
CVEadded 2021/11/04 8:6 p.m.46 views

CVE-2021-43398

Crypto++ (Cryptopp) versions 8.6.0 and earlier have a timing leakage in MakePublicKey(), with execution time correlated to private key length. This could enable timing-based information disclosure, though the vendor and third parties dispute the severity and attribute differences to an intentiona...

5.3CVSS5.1AI score0.00423EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2021/11/04 8:6 p.m.11 views

CVE-2021-43398

Crypto++ aka Cryptopp 8.6.0 and earlier contains a timing leakage in MakePublicKey. There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks. NOTE: this...

5.4AI score0.00423EPSS
Exploits1References3
CNNVD
CNNVDadded 2021/11/04 12:0 a.m.2 views

Crypto++ 安全漏洞

Crypto++ is a C++ cryptographic method library. A security vulnerability exists in Crypto++ a.k.a. Cryptopp versions 8.6.0 and earlier, which stems from the software containing a timing leak in MakePublicKey. There is a significant correlation between the private key execution time and the privat...

5.3CVSS6AI score0.00423EPSS
Exploits1References3
Rows per page
Query Builder