14 matches found
SUSE-SU-2024:0030-1 Security update for libcryptopp
This update for libcryptopp fixes the following issues: - CVE-2023-50980: Fixed DoS via malformed DER public key file bsc1218219...
Denial Of Service (DoS)
libcryptopp.so is vulnerable to Denial Of Service DoS. The vulnerability is caused when DER public key data for an F2^m curve is not strictly decreasing each polynomial term, which allows an attacker to cause an application crash...
CVE-2023-50981
ModularSquareRoot in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service infinite loop via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853...
DEBIAN-CVE-2023-50980
gf2n.cpp in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service application crash via DER public-key data for an F2^m curve, if the degree of each term in the polynomial is not strictly decreasing...
CVE-2023-50981
ModularSquareRoot in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service infinite loop via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853...
CVE-2023-50980
gf2n.cpp in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service application crash via DER public-key data for an F2^m curve, if the degree of each term in the polynomial is not strictly decreasing...
Code injection
ModularSquareRoot in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service infinite loop via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853...
UBUNTU-CVE-2023-50980
gf2n.cpp in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service application crash via DER public-key data for an F2^m curve, if the degree of each term in the polynomial is not strictly decreasing...
CVE-2023-50981
ModularSquareRoot in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service infinite loop via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853...
Command injection
gf2n.cpp in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service application crash via DER public-key data for an F2^m curve, if the degree of each term in the polynomial is not strictly decreasing...
UBUNTU-CVE-2023-50981
ModularSquareRoot in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service infinite loop via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853...
CVE-2023-50980
gf2n.cpp in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service application crash via DER public-key data for an F2^m curve, if the degree of each term in the polynomial is not strictly decreasing...
CVE-2023-50981
ModularSquareRoot in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service infinite loop via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853...
CVE-2023-50980
gf2n.cpp in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service application crash via DER public-key data for an F2^m curve, if the degree of each term in the polynomial is not strictly decreasing...