CVE-2023-50980 Information

Description

gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (application crash) via DER public-key data for an F(2^m) curve if the degree of each term in the polynomial is not strictly decreasing.

Reference

https://github.com/weidai11/cryptopp/issues/1248