Back to search
CVE-2016-7420
Published: Sep 16, 2016
Modified: Nov 14, 2025
PUBLISHED
Description
Crypto++ (aka cryptopp) through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory after an assertion failure, as demonstrated by reading a core dump.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
92988
vdb-entry
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now