RSS   Vulnerabilities for 'Crypto\+\+'   RSS

2021-09-06
 
CVE-2021-40530

CWE-327
 

 
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.

 

 >>> Vendor: Cryptopp 3 Products
Crypto++ library
Crypto++
Crypto\+\+


Copyright 2021, cxsecurity.com

 

Back to Top