Lucene search
MitreCVE-2023-50981HistoryDec 18, 2023 - 4:15 a.m.
CVE-2023-50981
2023-12-1804:15:51
CWE-835
mitre
web.nvd.nist.gov
13
crypto++
cryptopp
cve-2023-50981
modularsquareroot
denial of service
nvd
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
17.0%
ModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (infinite loop) via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853.
Affected configurations
Node
cryptoppcrypto\+\+Range≤8.9.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cryptopp | crypto\+\+ | * | cpe:2.3:a:cryptopp:crypto\+\+:*:*:*:*:*:*:*:* |
References
Related
nessus
nessus
prion
prion
Code injection
2023-12-18 04:15:00
debiancve
debiancve
CVE-2023-50981
2023-12-18 04:15:51
nvd
nvd
CVE-2023-50981
2023-12-18 04:15:51
veracode
veracode
Denial Of Service (DoS)
2023-12-19 08:25:18
cvelist
cvelist
CVE-2023-50981
2023-12-18 00:00:00
openvas
openvas
openSUSE: Security Advisory for libcryptopp (SUSE-SU-2024:0157-1)
2024-03-04 00:00:00
osv
osv
libcryptopp-devel-8.9.0-2.1 on GA media
2024-06-15 00:00:00
CVE-2023-50981
2023-12-18 04:15:51
ubuntucve
ubuntucve
CVE-2023-50981
2023-12-18 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
17.0%
Related for CVE-2023-50981