CVE-2021-43398 in Crypto++informazioni

Riassunto

di MITRE • 05/11/2021

Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a timing leakage in MakePublicKey(). There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Prenotare

04/11/2021

Divulgazione

05/11/2021

Moderazione

accettato

CPE

pronto

EPSS

0.01899

KEV

no

Attività

molto basso

Fonti

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!