EPSS
Percentile
53.4%
cryptopp is vulnerable to timing attack. The attack exists because the countermeasure against the timing attack in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock is ineffective after compilation.
Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock
www.openwall.com/lists/oss-security/2016/04/11/2
www.securityfocus.com/bid/85975
github.com/weidai11/cryptopp/commit/22f493dda9674df574abba300cf75d12ae62d510
github.com/weidai11/cryptopp/issues/146
github.com/weidai11/cryptopp/pull/154