{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-7420","assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","dateUpdated":"2025-11-14T20:04:12.033Z","dateReserved":"2016-09-09T00:00:00.000Z","datePublished":"2016-09-16T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre","dateUpdated":"2023-09-28T17:06:25.705Z"},"descriptions":[{"lang":"en","value":"Crypto++ (aka cryptopp) through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory after an assertion failure, as demonstrated by reading a core dump."}],"affected":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}],"references":[{"url":"https://github.com/weidai11/cryptopp/commit/553049ba297d89d9e8fbf2204acb40a8a53f5cd6"},{"name":"92988","tags":["vdb-entry"],"url":"http://www.securityfocus.com/bid/92988"},{"name":"[oss-security] 20160915 Re: Does a documentation bug elevate to CVE status? - Crypto++","tags":["mailing-list"],"url":"http://www.openwall.com/lists/oss-security/2016/09/16/1"},{"url":"https://github.com/weidai11/cryptopp/issues/277"},{"name":"[oss-security] 20160915 Re: Does a documentation bug elevate to CVE status? - Crypto++","tags":["mailing-list"],"url":"http://www.openwall.com/lists/oss-security/2016/09/15/12"},{"name":"[oss-security] 20230928 Re: CVE-2023-4863: libwebp: Heap buffer overflow in WebP Codec","tags":["mailing-list"],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/2"},{"name":"[oss-security] 20230928 Re: CVE-2023-4863: libwebp: Heap buffer overflow in WebP Codec","tags":["mailing-list"],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/4"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"n/a"}]}],"datePublic":"2016-09-15T00:00:00.000Z"},"adp":[{"title":"CVE Program Container","references":[{"url":"https://github.com/weidai11/cryptopp/commit/553049ba297d89d9e8fbf2204acb40a8a53f5cd6","tags":["x_transferred"]},{"name":"92988","tags":["vdb-entry","x_transferred"],"url":"http://www.securityfocus.com/bid/92988"},{"name":"[oss-security] 20160915 Re: Does a documentation bug elevate to CVE status? - Crypto++","tags":["mailing-list","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2016/09/16/1"},{"url":"https://github.com/weidai11/cryptopp/issues/277","tags":["x_transferred"]},{"name":"[oss-security] 20160915 Re: Does a documentation bug elevate to CVE status? - Crypto++","tags":["mailing-list","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2016/09/15/12"},{"name":"[oss-security] 20230928 Re: CVE-2023-4863: libwebp: Heap buffer overflow in WebP Codec","tags":["mailing-list","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/2"},{"name":"[oss-security] 20230928 Re: CVE-2023-4863: libwebp: Heap buffer overflow in WebP Codec","tags":["mailing-list","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/4"},{"url":"http://www.openwall.com/lists/oss-security/2025/11/14/5"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-14T20:04:12.033Z"}}]}}