Security update for Botan (important)

openSUSE Security Update: Security update for Botan Announcement ID: openSUSE-SU-2021:0794-1 Rating: important References: 1182670 Cross-References: CVE-2021-24115 CVSS scores: CVE-2021-24115 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-24115 SUSE: 9.8...

openSUSE: Security Advisory for Botan (openSUSE-SU-2021:0765-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2021:0765-1 Security update for Botan

This update for Botan fixes the following issues: - CVE-2021-24115 In Botan before 2.17.3, or this backport, constant-time computations are not used for certain decoding and encoding operations boo1182670...

Security update for Botan (important)

openSUSE Security Update: Security update for Botan Announcement ID: openSUSE-SU-2021:0765-1 Rating: important References: 1182670 Cross-References: CVE-2021-24115 CVSS scores: CVE-2021-24115 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-24115 SUSE: 9.8...

Timing Attack

Botan is vulnerable to timing attack. The vulnerability exists becasue constant-time computations are not used for certain decoding and encoding operations base32, base58, base64, and hex...

CVE-2021-24115

In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations base32, base58, base64, and hex...

AZL-44961 CVE-2021-24115 affecting package botan2 2.14.0-2

In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations base32, base58, base64, and hex...

CVE-2021-24115

In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations base32, base58, base64, and hex...

DEBIAN-CVE-2021-24115

In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations base32, base58, base64, and hex...

ALPINE-CVE-2021-24115

In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations base32, base58, base64, and hex...

UBUNTU-CVE-2021-24115

In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations base32, base58, base64, and hex...

Code injection

In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations base32, base58, base64, and hex...

CVE-2021-24115

In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations base32, base58, base64, and hex...

CVE-2021-24115

In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations base32, base58, base64, and hex...

CVE-2021-24115

CVE-2021-24115 affects Botan prior to 2.17.3, where constant-time computations are not applied to certain decoding/encoding operations (base32, base58, base64, and hex). The vulnerability is in the crypto/encoding paths of Botan; impact is shown as high to critical in CVSS data (NVD: 7.5/3.1 v3.1...

CVE-2021-24115

In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations base32, base58, base64, and hex...

CVE-2021-24115

In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations base32, base58, base64, and hex...

Botan Security Vulnerabilities

Botan is a library of cryptographic algorithms written in C++. It supports a variety of algorithms such as AES, DES, SHA-1, RSA, DSA and Diffie-Hellman. A security vulnerability exists in Botan before 2.17.3, which stems from the fact that constant time calculations are not used for certain...

OSV-2018-41 Heap-buffer-overflow in Botan::bigint_monty_redc

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6581 Crash type: Heap-buffer-overflow READ 8 Crash state: Botan::bigintmontyredc Botan::CurveGFpMontgomery::curvemul Botan::CurveGFpMontgomery::tocurverep...

Security Bulletin: A vulnerability in Open Source Botan affects IBM Netezza SQL Extensions

Summary Open Source Botan is used by IBM Netezza SQL Extensions. IBM Netezza SQL Extensions has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2017-14737 DESCRIPTION: Botan could allow a local attacker to obtain sensitive information, caused by a flaw in the cryptographic...