CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

628 matches found

OSV•added 2024/07/08 5:15 p.m.•0 views

ALPINE-CVE-2024-39312

Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtree...

5.3CVSS7.2AI score0.00272EPSS

Exploits0References1

OSV•added 2024/07/08 5:15 p.m.•5 views

AZL-43825 CVE-2024-39312 affecting package botan2 2.14.0-2

5.3CVSS5.7AI score0.00272EPSS

Exploits0References1

OSV•added 2024/07/08 5:15 p.m.•3 views

AZL-44286 CVE-2024-39312 affecting package botan2 2.14.0-2

5.3CVSS5.7AI score0.00272EPSS

Exploits0References1

OSV•added 2024/07/08 5:15 p.m.•4 views

ALPINE-CVE-2024-34702

Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints...

5.3CVSS6.8AI score0.00845EPSS

Exploits0References1

UbuntuCve•added 2024/07/08 5:15 p.m.•17 views

CVE-2024-39312

5.3CVSS6.1AI score0.00272EPSS

Exploits0References3

UbuntuCve•added 2024/07/08 5:15 p.m.•13 views

CVE-2024-34702

5.3CVSS6AI score0.00845EPSS

Exploits0References15

OSV•added 2024/07/08 5:15 p.m.•1 views

UBUNTU-CVE-2024-34702

5.3CVSS5.7AI score0.00845EPSS

Exploits0References16

OSV•added 2024/07/08 5:15 p.m.•2 views

UBUNTU-CVE-2024-39312

5.3CVSS5.8AI score0.00272EPSS

Exploits0References4

Cvelist•added 2024/07/08 4:30 p.m.•21 views

CVE-2024-39312 Botan has an Authorization Error due to Name Constraint Decoding Bug

5.3CVSS0.00272EPSS

Exploits0References1

Vulnrichment•added 2024/07/08 4:30 p.m.•17 views

CVE-2024-39312 Botan has an Authorization Error due to Name Constraint Decoding Bug

5.3CVSS7AI score0.00272EPSS

Exploits0References1

Debian CVE•added 2024/07/08 4:30 p.m.•15 views

CVE-2024-39312

5.3CVSS5.8AI score0.00272EPSS

Exploits0

OSV•added 2024/07/08 4:30 p.m.•18 views

CVE-2024-39312 Botan has an Authorization Error due to Name Constraint Decoding Bug

5.3CVSS5.5AI score0.00272EPSS

Exploits0References3

CVE•added 2024/07/08 4:30 p.m.•72 views

CVE-2024-39312

Botan CVE-2024-39312 affects the X.509 name-contraint check: when a certificate’s name is present in both permitted and excluded subtrees, the parser may erroneously accept it. The issue is resolved by upgrading Botan to 3.5.0 or 2.19.5 (fixed versions cited in multiple sources). The vulnerabilit...

5.3CVSS5.8AI score0.00272EPSS

Exploits0References1Affected Software1

AlpineLinux•added 2024/07/08 4:30 p.m.•16 views

CVE-2024-39312

5.3CVSS5.6AI score0.00272EPSS

Exploits0

Vulnrichment•added 2024/07/08 4:22 p.m.•11 views

CVE-2024-34702 Botan has a Denial of Service Due to Excessive Name Constraints

5.3CVSS6.6AI score0.00845EPSS

Exploits0References13

Debian CVE•added 2024/07/08 4:22 p.m.•15 views

CVE-2024-34702

5.3CVSS5.7AI score0.00845EPSS

Exploits0

Cvelist•added 2024/07/08 4:22 p.m.•26 views

CVE-2024-34702 Botan has a Denial of Service Due to Excessive Name Constraints

5.3CVSS0.00845EPSS

Exploits0References13

CVE•added 2024/07/08 4:22 p.m.•67 views

CVE-2024-34702

CVE-2024-34702 affects the Botan C++ cryptography library. The issue concerns processing of X.509 certificate name constraints: before Botan 3.5.0 and backported in 2.19.5, the check is quadratic in the number of names when validating SubjectAlternativeName vs. name constraints, enabling a malici...

5.3CVSS5.6AI score0.00845EPSS

Exploits0References13

OSV•added 2024/07/08 4:22 p.m.•9 views

CVE-2024-34702 Botan has a Denial of Service Due to Excessive Name Constraints

5.3CVSS5.1AI score0.00845EPSS

Exploits0References15

AlpineLinux•added 2024/07/08 4:22 p.m.•15 views

CVE-2024-34702

5.3CVSS5.3AI score0.00845EPSS

Exploits0

Rows per page