{"id":"CVE-2023-50980","details":"gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (application crash) via DER public-key data for an F(2^m) curve, if the degree of each term in the polynomial is not strictly decreasing.","modified":"2026-04-10T05:05:46.051976Z","published":"2023-12-18T04:15:51.067Z","related":["SUSE-SU-2023:4957-1","SUSE-SU-2024:0030-1","openSUSE-SU-2024:13528-1"],"references":[{"type":"REPORT","url":"https://github.com/weidai11/cryptopp/issues/1248"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/weidai11/cryptopp","events":[{"introduced":"0"},{"last_affected":"843d74c7c97f9e19a615b8ff3c0ca06599ca501b"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"8.9.0"}]}}],"versions":["CRYPTOPP_5_0","CRYPTOPP_5_1","CRYPTOPP_5_2","CRYPTOPP_5_2_1","CRYPTOPP_5_2_3","CRYPTOPP_5_3_0","CRYPTOPP_5_4","CRYPTOPP_5_5","CRYPTOPP_5_5_1","CRYPTOPP_5_5_2","CRYPTOPP_5_6_0","CRYPTOPP_5_6_1","CRYPTOPP_5_6_2","CRYPTOPP_5_6_3","CRYPTOPP_5_6_4","CRYPTOPP_5_6_5","CRYPTOPP_6_0_0","CRYPTOPP_7_0_0","CRYPTOPP_8_0_0","CRYPTOPP_8_1_0","CRYPTOPP_8_2_0","CRYPTOPP_8_3_0","CRYPTOPP_8_4_0","CRYPTOPP_8_5_0","CRYPTOPP_8_6_0","CRYPTOPP_8_7_0","CRYPTOPP_8_8_0","CRYPTOPP_8_9_0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-50980.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}