Lucene search
MitreCVE-2023-50980HistoryDec 18, 2023 - 4:15 a.m.
CVE-2023-50980
2023-12-1804:15:51
mitre
web.nvd.nist.gov
22
crypto++
cryptopp
cve-2023-50980
denial of service
der
public-key
f(2^m) curve
polynomial
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
17.0%
gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (application crash) via DER public-key data for an F(2^m) curve, if the degree of each term in the polynomial is not strictly decreasing.
Affected configurations
Node
cryptoppcrypto\+\+Range≤8.9.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cryptopp | crypto\+\+ | * | cpe:2.3:a:cryptopp:crypto\+\+:*:*:*:*:*:*:*:* |
References
Related
nessus
nessus
openSUSE 15 Security Update : libcryptopp (SUSE-SU-2023:4957-1)
2023-12-22 00:00:00
prion
prion
Command injection
2023-12-18 04:15:00
cvelist
cvelist
CVE-2023-50980
2023-12-18 00:00:00
ubuntucve
ubuntucve
CVE-2023-50980
2023-12-18 00:00:00
nvd
nvd
CVE-2023-50980
2023-12-18 04:15:51
openvas
openvas
openSUSE: Security Advisory for libcryptopp (SUSE-SU-2023:4957-1)
2024-03-04 00:00:00
openSUSE: Security Advisory for libcryptopp (SUSE-SU-2024:0030-1)
2024-03-04 00:00:00
osv
osv
libcryptopp-devel-8.9.0-1.1 on GA media
2024-06-15 00:00:00
CVE-2023-50980
2023-12-18 04:15:51
debiancve
debiancve
CVE-2023-50980
2023-12-18 04:15:51
veracode
veracode
Denial Of Service (DoS)
2023-12-19 08:14:22
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
17.0%
Related for CVE-2023-50980