Linux Distros Unpatched Vulnerability : CVE-2021-24115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations base32, base58, base64, and hex. CVE-2021-24115 Not...

Linux Distros Unpatched Vulnerability : CVE-2018-9860

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving si...

Linux Distros Unpatched Vulnerability : CVE-2018-9127

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Botan 2.2.0 - 2.4.0 fixed in 2.5.0 improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125...

Linux Distros Unpatched Vulnerability : CVE-2018-20187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A side-channel issue was discovered in Botan before 2.9.0. An attacker capable of precisely measuring the time taken for ECC key generation may be able to deriv...

Ubuntu 22.04 LTS / 24.04 LTS / 24.10 : Botan vulnerabilities (USN-7586-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7586-1 advisory. It was discovered that Botan could have compiler dependent operations induced under certain circumstances. An attacker could possibly...

Ubuntu: Security Advisory (USN-7586-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7586-1: Botan vulnerabilities

It was discovered that Botan could have compiler dependent operations induced under certain circumstances. An attacker could possibly use this issue to cause undefined behavior. CVE-2024-50382, CVE-2024-50383 Bing Shi discovered that Botan did not limit the size of certain inputs when checking...

CVE-2017-7252

bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password...

Linux Distros Unpatched Vulnerability : CVE-2024-50383

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 used in...

Linux Distros Unpatched Vulnerability : CVE-2024-50382

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM...

Linux Distros Unpatched Vulnerability : CVE-2024-39312

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the...

Linux Distros Unpatched Vulnerability : CVE-2022-43705

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1.11.34 November 2016...

Linux Distros Unpatched Vulnerability : CVE-2024-34702

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the...

Linux Distros Unpatched Vulnerability : CVE-2024-34703

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the...

Linux Distros Unpatched Vulnerability : CVE-2021-40529

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two...

The vulnerability of the lib/utils/ghash/ghash.cpp component of the Botan cryptographic library, related to information disclosure due to incompatibilities, allows attackers to gain access to confidential data.

The vulnerability of the lib/utils/ghash/ghash.cpp component of the Botan cryptographic library is related to the exposure of information through incompatibility. Exploiting this vulnerability could allow an attacker operating remotely to gain access to confidential data...

The vulnerability of the lib/utils/donna128.h component of the Botan cryptographic library, related to information disclosure due to incompatibilities, allows attackers to gain access to confidential data.

The vulnerability of the lib/utils/donna128.h component in the Botan cryptographic library is related to the exposure of information through incompatibility. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to confidential data...

OESA-2024-2330 botan2 security update

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

OESA-2024-2329 botan2 security update

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

OESA-2024-2328 botan2 security update

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...