PT-2023-31717 · Crypto+++2 · Crypto+++2

Tomato42

·

Publicado

2023-12-18

·

Atualizado

2026-01-14

·

CVE-2023-50979

CVSS v3.1

5.9

Média

VetorAV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Crypto++ versions through 8.9.0
Description The issue is related to a Marvin side channel during decryption with PKCS#1 v1.5 padding.
Recommendations For versions through 8.9.0, update to a version that contains a fix for this issue to prevent exploitation.

Exploit

Correção

Side Channel Attack

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-203

Identificadores relacionados

CVE-2023-50979
OPENSUSE-SU-2026:10047-1
SUSE-SU-2025:4310-1
SUSE-SU-2025_4310-1

Produtos afetados

Crypto++
Debian
Suse