CVE-2017-9434
- Source
- https://cve.org/CVERecord?id=CVE-2017-9434
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9434.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-9434
- Downstream
- Published
- 2017-06-05T14:29:00.653Z
- Modified
- 2026-04-16T06:25:41.810875140Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Crypto++ (aka cryptopp) through 5.6.5 contains an out-of-bounds read vulnerability in zinflate.cpp in the Inflator filter.
- References
-
- http://www.securityfocus.com/bid/99007
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7IL5A6465IEPW5GAWGXB2ENJPFYVWTJM/
- http://openwall.com/lists/oss-security/2017/06/06/2
- https://github.com/weidai11/cryptopp/commit/07dbcc3d9644b18e05c1776db2a57fe04d780965
- https://github.com/weidai11/cryptopp/issues/414
Affected packages
Git / github.com/weidai11/cryptopp
Affected versions
Other
CRYPTOPP_5_0
CRYPTOPP_5_1
CRYPTOPP_5_2
CRYPTOPP_5_2_1
CRYPTOPP_5_2_3
CRYPTOPP_5_3_0
CRYPTOPP_5_4
CRYPTOPP_5_5
CRYPTOPP_5_5_1
CRYPTOPP_5_5_2
CRYPTOPP_5_6_0
CRYPTOPP_5_6_1
CRYPTOPP_5_6_2
CRYPTOPP_5_6_3
CRYPTOPP_5_6_4
CRYPTOPP_5_6_5
Database specific
vanir_signatures
[
{
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2017-9434-28380511",
"digest": {
"line_hashes": [
"323341517884488183653666169007488451936",
"18807198084437282500699865652986597853",
"271337482082004636032467579005783446289",
"199463794754856889060787093126361670511",
"323205425386168729751449483174916946422",
"282228558392070175838252057636277670986",
"67516902316290556401473077345567600368",
"165199630192163806682780639880309730320",
"190020492044586742996552118139701788681"
],
"threshold": 0.9
},
"source": "https://github.com/weidai11/cryptopp/commit/07dbcc3d9644b18e05c1776db2a57fe04d780965",
"signature_type": "Line",
"target": {
"file": "zinflate.cpp"
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2017-9434-3d0289ff",
"signature_type": "Function",
"source": "https://github.com/weidai11/cryptopp/commit/07dbcc3d9644b18e05c1776db2a57fe04d780965",
"digest": {
"length": 2730.0,
"function_hash": "224710083941258206766041306720462428127"
},
"target": {
"file": "zinflate.cpp",
"function": "Inflator::DecodeBody"
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2017-9434-79e671bc",
"digest": {
"line_hashes": [
"249637426410913553307899980395848882793",
"329500962857133682578485821907882393858",
"298132730797582947482336732380942241743",
"323207193060896166341370851782737195099",
"249637426410913553307899980395848882793",
"329500962857133682578485821907882393858",
"258489400407140021366390839805057123061",
"216410620710447591910733204737455648490",
"249637426410913553307899980395848882793",
"63659219966971893950624419224505701163",
"327894723209560475615694736135000828857",
"151571117920949179632904206003017152112"
],
"threshold": 0.9
},
"source": "https://github.com/weidai11/cryptopp/commit/07dbcc3d9644b18e05c1776db2a57fe04d780965",
"signature_type": "Line",
"target": {
"file": "validat1.cpp"
}
},
{
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2017-9434-9b241454",
"signature_type": "Line",
"source": "https://github.com/weidai11/cryptopp/commit/07dbcc3d9644b18e05c1776db2a57fe04d780965",
"digest": {
"line_hashes": [
"113853016433871770855861407042660788897",
"132476829677205468460856921357404450958",
"281574212875578897132862701503511855224",
"163051097516836965264523934254694538290",
"49353237374441228769163090863383320557",
"276257761445143197300323566812437619864"
],
"threshold": 0.9
},
"target": {
"file": "zinflate.h"
}
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9434.json"
vanir_signatures_modified
"2026-04-11T04:59:37Z"