Information on source package libcrypto++

Available versions

ReleaseVersion
bullseye8.4.0-1
bookworm8.7.0+git220824-1
trixie8.9.0-1.1
sid8.9.0-1.1

Open issues

BugbullseyebookwormtrixiesidDescription
CVE-2024-28285vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerableA Fault Injection vulnerability in the SymmetricDecrypt function in cr ...
CVE-2023-50981vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerableModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0 allows atta ...
CVE-2023-50980vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerablevulnerablegf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to ...
CVE-2023-50979vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerableCrypto++ (aka cryptopp) through 8.9.0 has a Marvin side channel during ...
CVE-2022-48570vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerableCrypto++ through 8.4 contains a timing side channel in ECDSA signature ...
CVE-2021-40530vulnerable (no DSA)fixedfixedfixedThe ElGamal implementation in Crypto++ through 8.5 allows plaintext re ...

Open unimportant issues

BugbullseyebookwormtrixiesidDescription
CVE-2016-7420vulnerablevulnerablevulnerablevulnerableCrypto++ (aka cryptopp) through 5.6.4 does not document the requiremen ...

Resolved issues

BugDescription
CVE-2019-14318Crypto++ 8.3.0 and earlier contains a timing side channel in ECDSA sig ...
CVE-2017-9434Crypto++ (aka cryptopp) through 5.6.5 contains an out-of-bounds read v ...
CVE-2016-9939Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its A ...
CVE-2016-7544Crypto++ 5.6.4 incorrectly uses Microsoft's stack-based _malloca and _ ...
CVE-2016-3995The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and ...
CVE-2015-2141The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcr ...

Security announcements

DSA / DLADescription
DLA-766-1libcrypto++ - security update
DSA-3748-1libcrypto++ - security update
DLA-262-1libcrypto++ - security update
DSA-3296-1libcrypto++ - security update

Search for package or bug name: Reporting problems