The vulnerability of the lib/utils/ghash/ghash.cpp component of the Botan cryptographic library, related to information disclosure due to incompatibilities, allows attackers to gain access to confidential data.

🗓️ 14 Nov 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 4 Views

The Botan library ghash component has a compatibility related information disclosure vulnerability enabling remote access to confidential data.

Reporter	Title	Published	Views	Family All 37
AlpineLinux	CVE-2024-50382	23 Oct 202400:00	–	alpinelinux
Circl	CVE-2024-50382	23 Oct 202419:54	–	circl
CNNVD	Botan 安全漏洞	23 Oct 202400:00	–	cnnvd
CVE	CVE-2024-50382	23 Oct 202400:00	–	cve
Cvelist	CVE-2024-50382	23 Oct 202400:00	–	cvelist
Debian CVE	CVE-2024-50382	23 Oct 202400:00	–	debiancve
NVD	CVE-2024-50382	23 Oct 202417:15	–	nvd
Tenable Nessus	openSUSE 15 Security Update : Botan (openSUSE-SU-2024:0343-1)	31 Oct 202400:00	–	nessus
Tenable Nessus	Ubuntu 22.04 LTS / 24.04 LTS / 24.10 : Botan vulnerabilities (USN-7586-1)	25 Jun 202500:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2024-50382	6 Mar 202500:00	–	nessus

Source	Link
github	www.github.com/randombit/botan/commit/53b0cfde580e86b03d0d27a488b6c134f662e957
github	www.github.com/randombit/botan/compare/3.5.0...3.6.0
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-50382
security-tracker	www.security-tracker.debian.org/tracker/CVE-2024-50382
wiki	www.wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47
repo	www.repo.red-soft.ru/redos/7.3c/x86_64/updates/
xn--80ahaefyxhn	www.xn--80ahaefyxhn.xn--j1afgaq.xn--p1ai/bin/view/%D0%9E%D0%A1%D0%BD%D0%BE%D0%B2%D0%B0/%D0%9E%D0%B1%D0%BD%D0%BE%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F/3.1/
web	www.web.nvd.nist.gov/view/vuln/detail

04 Mar 2026 00:00Current

5.4Medium risk

Vulners AI Score5.4

CVSS 25.4

CVSS 35.9

EPSS0.00546

Botan library ghash component information disclosure compatibility issues remote attacker confidential data