VulnerableCode Package Details - pkg:deb/debian/libcrypto%2B%2B@8.9.0-2?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-1rzn-y6tv-fybt	security update	CVE-2016-9939
VCID-4azj-gnk2-bfee	information disclosure	CVE-2021-40530
VCID-6nfn-dzeh-d3av	Crypto++ 5.6.4 incorrectly uses Microsoft's stack-based _malloca and _freea functions. The library will request a block of memory to align a table in memory. If the table is later reallocated, then the wrong pointer could be freed.	CVE-2016-7544
VCID-8kst-qb5s-uycd	denial of service	CVE-2017-9434
VCID-cq4a-bah8-nbfg	gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (application crash) via DER public-key data for an F(2^m) curve, if the degree of each term in the polynomial is not strictly decreasing.	CVE-2023-50980
VCID-mxpy-4eyq-h3ep	private key recovery	CVE-2019-14318
VCID-sj7w-zbub-5yaz	The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ (aka cryptopp) before 5.6.4 may be optimized out by the compiler, which allows attackers to conduct timing attacks.	CVE-2016-3995
VCID-w94h-6497-3bbb	security update	CVE-2015-2141

Vulnerability

Summary

Aliases

VCID-1rzn-y6tv-fybt

security update

CVE-2016-9939

VCID-4azj-gnk2-bfee

information disclosure

CVE-2021-40530

VCID-6nfn-dzeh-d3av

Crypto++ 5.6.4 incorrectly uses Microsoft's stack-based _malloca and _freea functions. The library will request a block of memory to align a table in memory. If the table is later reallocated, then the wrong pointer could be freed.

CVE-2016-7544

VCID-8kst-qb5s-uycd

denial of service

CVE-2017-9434

VCID-cq4a-bah8-nbfg

gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (application crash) via DER public-key data for an F(2^m) curve, if the degree of each term in the polynomial is not strictly decreasing.

CVE-2023-50980

VCID-mxpy-4eyq-h3ep

private key recovery

CVE-2019-14318

VCID-sj7w-zbub-5yaz

The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ (aka cryptopp) before 5.6.4 may be optimized out by the compiler, which allows attackers to conduct timing attacks.

CVE-2016-3995

VCID-w94h-6497-3bbb

security update

CVE-2015-2141

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-29T16:56:17.677319+00:00	Debian Importer	Fixing	VCID-cq4a-bah8-nbfg	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-05-29T16:56:17.646528+00:00	Debian Importer	Fixing	VCID-4azj-gnk2-bfee	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-05-29T16:56:17.624403+00:00	Debian Importer	Fixing	VCID-mxpy-4eyq-h3ep	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-05-29T16:56:17.604699+00:00	Debian Importer	Fixing	VCID-8kst-qb5s-uycd	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-05-29T16:56:17.582833+00:00	Debian Importer	Fixing	VCID-1rzn-y6tv-fybt	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-05-29T16:56:17.562656+00:00	Debian Importer	Fixing	VCID-6nfn-dzeh-d3av	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-05-29T16:56:17.539321+00:00	Debian Importer	Fixing	VCID-sj7w-zbub-5yaz	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-05-29T16:56:17.521046+00:00	Debian Importer	Fixing	VCID-w94h-6497-3bbb	https://security-tracker.debian.org/tracker/data/json	38.6.0