rpm package
suse/libcryptopp&distro=SUSE Linux Enterprise Module for Basesystem 15 SP6
pkg:rpm/suse/libcryptopp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-28285 | Cri | 9.8 | < 8.6.0-150400.3.9.1 | 8.6.0-150400.3.9.1 | May 14, 2024 | A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of Cryptopp Crypto++ 8.9, allows an attacker to co-reside in the same system with a victim process to disclose information and escalate privileges. | |
| CVE-2023-50979 | — | < 8.6.0-150400.3.12.1 | 8.6.0-150400.3.12.1 | Dec 18, 2023 | Crypto++ (aka cryptopp) through 8.9.0 has a Marvin side channel during decryption with PKCS#1 v1.5 padding. |
- affected < 8.6.0-150400.3.9.1fixed 8.6.0-150400.3.9.1
A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of Cryptopp Crypto++ 8.9, allows an attacker to co-reside in the same system with a victim process to disclose information and escalate privileges.
- CVE-2023-50979Dec 18, 2023affected < 8.6.0-150400.3.12.1fixed 8.6.0-150400.3.12.1
Crypto++ (aka cryptopp) through 8.9.0 has a Marvin side channel during decryption with PKCS#1 v1.5 padding.