628 matches found
The vulnerability of the Botan cryptographic library, related to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of the Botan cryptographic library is related to uncontrolled resource consumption. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created ECDSA X.509 certificate...
OESA-2024-1925 botan2 security update
Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...
OESA-2024-1923 botan2 security update
Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...
OESA-2024-1924 botan2 security update
Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...
[SECURITY] Fedora 40 Update: botan2-2.19.5-1.fc40
Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...
openSUSE 15 Security Update : Botan (openSUSE-SU-2024:0201-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0201-1 advisory. Update to 2.19.5: Fix multiple Denial of service attacks due to X.509 cert processing: CVE-2024-34702 - boo1227238 CVE-2024-34703 - boo1227607...
openSUSE Security Advisory (openSUSE-SU-2024:0201-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2024:0201-1 Security update for Botan
This update for Botan fixes the following issues: Update to 2.19.5: Fix multiple Denial of service attacks due to X.509 cert processing: CVE-2024-34702 - boo1227238 CVE-2024-34703 - boo1227607 CVE-2024-39312 - boo1227608 Fix a crash in OCB Fix a test failure in compression with certain versions o...
Security update for Botan (moderate)
openSUSE Security Update: Security update for Botan Announcement ID: openSUSE-SU-2024:0201-1 Rating: moderate References: 1227238 1227607 1227608 Cross-References: CVE-2024-34702 CVE-2024-34703 CVE-2024-39312 CVSS scores: CVE-2024-34702 SUSE: 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L...
OPENSUSE-SU-2024:14188-1 Botan-doc-2.19.5-1.1 on GA media
These are all security issues fixed in the Botan-doc-2.19.5-1.1 package on the GA media of openSUSE Tumbleweed...
ROS-20240709-04
The vulnerability in the C++ Botan cryptographic library is related to resource allocation without constraints and regulation. Exploitation of the vulnerability could allow an attacker acting remotely to forge a an ECDSA X.509 certificate...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2024:2415-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2415-1 advisory. Security fixes: - CVE-2024-34703: Fixed denial of service due to overly large elliptic curve parameters i...
SUSE CVE-2024-34702
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints...
SUSE CVE-2024-39312
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtree...
AZL-43942 CVE-2024-34702 affecting package botan2 2.14.0-2
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints...
AZL-43825 CVE-2024-39312 affecting package botan2 2.14.0-2
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtree...
DEBIAN-CVE-2024-39312
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtree...
AZL-44286 CVE-2024-39312 affecting package botan2 2.14.0-2
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtree...
ALPINE-CVE-2024-34702
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints...
AZL-44796 CVE-2024-34702 affecting package botan2 2.14.0-2
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints...