Lucene search
K

629 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Botan

Botan is a C++ cryptography library. Starting from version 2.3.0 and before version 3.11.0, during SM2 decryption, the code responsible for checking the authentication code value C3 failed to verify that the encoded value had the expected length before comparison. An invalid ciphertext could lead...

8.2CVSS7.2AI score0.00278EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/29 2:21 p.m.11 views

CVE-2026-44378

A flaw was found in Botan, a C++ cryptography library. A remote attacker could exploit this vulnerability by sending specially crafted Basic Encoding Rules BER data with indefinite length encodings. This could cause quadratic behavior in the parser, leading to a denial of service DoS due to...

7.5CVSS5.8AI score0.00324EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/29 1:20 a.m.14 views

SUSE CVE-2026-44378

Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefinite length encodings in BER data could cause quadratic behavior in the parser, resulting in a denial of service. Such BER encodings were accepted even in structures which are required to be encoded as DER, which...

6.9CVSS5.8AI score0.00324EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/27 7:33 p.m.11 views

Inefficient Algorithmic Complexity

Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity via the BER data parsing process. An attacker can cause excessive resource consumption and service disruption by submitting specially crafted indefinite length encodings. Remediation Upgrade botan to...

7.5CVSS5.8AI score0.00324EPSS
Exploits0References2
NVD
NVD
added 2026/05/27 6:16 p.m.12 views

CVE-2026-44378

Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefinite length encodings in BER data could cause quadratic behavior in the parser, resulting in a denial of service. Such BER encodings were accepted even in structures which are required to be encoded as DER, which...

7.5CVSS0.00324EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 4:34 p.m.47 views

CVE-2026-44378 Botan: Quadratic complexity decoding BER indefinite length encodings

Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefinite length encodings in BER data could cause quadratic behavior in the parser, resulting in a denial of service. Such BER encodings were accepted even in structures which are required to be encoded as DER, which...

6.9CVSS0.00324EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 4:34 p.m.9 views

CVE-2026-44378 Botan: Quadratic complexity decoding BER indefinite length encodings

Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefinite length encodings in BER data could cause quadratic behavior in the parser, resulting in a denial of service. Such BER encodings were accepted even in structures which are required to be encoded as DER, which...

6.9CVSS5.8AI score0.00324EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 4:34 p.m.11 views

EUVD-2026-32582

Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefinite length encodings in BER data could cause quadratic behavior in the parser, resulting in a denial of service. Such BER encodings were accepted even in structures which are required to be encoded as DER, which...

6.9CVSS5.8AI score0.00324EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 4:34 p.m.9 views

CVE-2026-44378

Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefinite length encodings in BER data could cause quadratic behavior in the parser, resulting in a denial of service. Such BER encodings were accepted even in structures which are required to be encoded as DER, which...

6.9CVSS5.8AI score0.00324EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/27 4:34 p.m.23 views

CVE-2026-44378

Botan (C++ cryptography library) is affected prior to version 3.12.0. Indefinite-length BER encodings could trigger quadratic parser behavior, even in structures that must be DER, leading to denial of service. The issue is fixed in 3.12.0. There are no explicit exploit details or in-the-wild expl...

7.5CVSS5.8AI score0.00324EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2026/05/27 4:34 p.m.10 views

CVE-2026-44378

Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefinite length encodings in BER data could cause quadratic behavior in the parser, resulting in a denial of service. Such BER encodings were accepted even in structures which are required to be encoded as DER, which...

7.5CVSS5.8AI score0.00324EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Botan 安全漏洞

Botan is a C++ encryption library developed by Jack Lloyd as an individual project. Versions of Botan prior to 3.12.0 contained security vulnerabilities. These vulnerabilities were caused byBER data, which led to reassembly behavior by the parser, potentially resulting in denial-of-service attack...

7.5CVSS5.8AI score0.00324EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.11 views

PT-2026-42855

Name of the Vulnerable Software and Affected Versions Botan versions prior to 3.12.0 Description Certain patterns of indefinite length encodings in Basic Encoding Rules BER data can cause quadratic behavior in the parser, leading to a denial of service. These BER encodings were accepted even in...

7.5CVSS5.8AI score0.00324EPSS
Exploits0References8
Fedora
Fedora
added 2026/04/28 1:36 a.m.11 views

[SECURITY] Fedora 44 Update: botan3-3.9.0-7.fc44

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \11 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

9.3CVSS5.2AI score0.00278EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.9 views

openSUSE 16 Security Update : Botan (openSUSE-SU-2026:20566-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20566-1 advisory. This update for Botan fixes the following issue: - CVE-2026-32884: Certificate validation bypass due to mixed-case Common Name in X.509 certificates...

5.9CVSS5.8AI score0.00158EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/21 12:0 a.m.7 views

Security update for Botan (critical)

openSUSE security update: security update for botan ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20528-1 Rating: critical References: bsc1261880 Cross-References: CVE-2026-34582 CVSS scores: CVE-2026-34582 SUSE : 9.1...

9.1CVSS5.8AI score0.00233EPSS
Exploits0References1
OSV
OSV
added 2026/04/20 8:27 a.m.6 views

OPENSUSE-SU-2026:20566-1 Security update for Botan

This update for Botan fixes the following issue: - CVE-2026-32884: Certificate validation bypass due to mixed-case Common Name in X.509 certificates bsc1261993...

5.9CVSS5.8AI score0.00158EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/20 12:0 a.m.7 views

Security update for Botan (important)

openSUSE Security Update: Security update for Botan Announcement ID: openSUSE-SU-2026:0142-1 Rating: important References: 1261880 Cross-References: CVE-2026-34582 CVSS scores: CVE-2026-34582 SUSE: 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: openSUSE Backports SLE-15-SP7 A...

9.1CVSS5.7AI score0.00233EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/15 12:0 a.m.7 views

Botan-3.11.1-1.1 on GA media (moderate)

Botan-3.11.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10540-1 Rating: moderate Cross-References: CVE-2026-35580 CVE-2026-35582 Affected Products: openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. Description: These are all security issues fixed in the...

9.1CVSS5.8AI score0.00861EPSS
Exploits2
OSV
OSV
added 2026/04/14 11:18 a.m.4 views

OPENSUSE-SU-2026:20528-1 Security update for Botan

This update for Botan fixes the following issues: - CVE-2026-34582: Fixed a client authentication bypass in TLS 1.3 implementation bsc1261880...

9.1CVSS5.8AI score0.00233EPSS
Exploits0References2
Rows per page
Query Builder