gf2n.cpp in Crypto++ (aka cryptopp) up to and including 8.9.0 allows malicious users to cause a denial of service (application crash) via DER public-key data for an F(2^m) curve, if the degree of each term in the polynomial is not strictly decreasing.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cryptopp crypto\\+\\+ |