AVG-2528 log

Package crypto++
Status Fixed
Severity Medium
Type private key recovery
Affected 8.5.0-2
Fixed 8.6.0-1
Current 8.7.0-1 [extra]
Ticket None
Created Fri Nov 5 10:42:46 2021
Issue Severity Remote Type Description
CVE-2021-43398 Medium Yes Private key recovery
Crypto++ 8.6.0 and earlier contains a timing leakage in MakePublicKey(). There is a clear correlation between execution time and private key length, which...