CVE-2017-9434Out-of-bounds Read in Crypto

CWE-125Out-of-bounds Read8 documents6 sources
Severity
5.3MEDIUMNVD
EPSS
0.5%
top 35.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Debian LibcryptoCryptopp Crypto
Timeline
PublishedJun 5
Latest updateMay 14

Description

Crypto++ (aka cryptopp) through 5.6.5 contains an out-of-bounds read vulnerability in zinflate.cpp in the Inflator filter.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

NVDcryptopp/crypto5.6.4
debiandebian/libcrypto< libcrypto++ 5.6.4-7 (bookworm)

🔴Vulnerability Details

2
GHSA
GHSA-2c95-vmhq-43cg: Crypto++ (aka cryptopp) through 52022-05-14
OSV
CVE-2017-9434: Crypto++ (aka cryptopp) through 52017-06-05

📋Vendor Advisories

2
Ubuntu
Crypto++ vulnerability2021-03-15
Debian
CVE-2017-9434: libcrypto++ - Crypto++ (aka cryptopp) through 5.6.5 contains an out-of-bounds read vulnerabili...2017

💬Community

3
Bugzilla
CVE-2017-9434 cryptopp: Out-of-bounds read in zinflate [epel-all]2017-06-05
Bugzilla
CVE-2017-9434 cryptopp: Out-of-bounds read in zinflate [fedora-all]2017-06-05
Bugzilla
CVE-2017-9434 cryptopp: Out-of-bounds read in zinflate2017-06-05
CVE-2017-9434 — Out-of-bounds Read in Cryptopp Crypto | cvebase