High severity7.5NVD Advisory· Published Feb 13, 2017· Updated May 13, 2026
CVE-2016-3995
CVE-2016-3995
Description
The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ (aka cryptopp) before 5.6.4 may be optimized out by the compiler, which allows attackers to conduct timing attacks.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.openwall.com/lists/oss-security/2016/04/11/2nvdMailing ListPatchThird Party Advisory
- github.com/weidai11/cryptopp/issues/146nvdIssue TrackingPatchThird Party Advisory
- www.securityfocus.com/bid/85975nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.