AVG-2528 log

Package crypto++
Status Vulnerable
Severity Medium
Type private key recovery
Affected 8.5.0-2
Fixed Unknown
Current 8.5.0-2 [community]
Ticket Create
Created Fri Nov 5 10:42:46 2021
Issue Severity Remote Type Description
CVE-2021-43398 Medium Yes Private key recovery
Crypto++ 8.6.0 and earlier contains a timing leakage in MakePublicKey(). There is a clear correlation between execution time and private key length, which...