Lucene search
K

628 matches found

OSV
OSV
added 2026/03/30 9:17 p.m.5 views

ALPINE-CVE-2026-32884

Botan is a C++ cryptography library. Prior to version 3.11.0, during processing of an X.509 certificate path using name constraints which restrict the set of allowable DNS names, if no subject alternative name is defined in the end-entity certificate Botan would check that the CN was allowed by t...

5.9CVSS5.3AI score0.00158EPSS
Exploits0References1
OSV
OSV
added 2026/03/30 9:17 p.m.2 views

DEBIAN-CVE-2026-32884

Botan is a C++ cryptography library. Prior to version 3.11.0, during processing of an X.509 certificate path using name constraints which restrict the set of allowable DNS names, if no subject alternative name is defined in the end-entity certificate Botan would check that the CN was allowed by t...

5.9CVSS5.3AI score0.00158EPSS
Exploits0References1
NVD
NVD
added 2026/03/30 9:17 p.m.3 views

CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

8.2CVSS0.00278EPSS
Exploits0References1
NVD
NVD
added 2026/03/30 9:17 p.m.3 views

CVE-2026-32883

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...

5.9CVSS0.00154EPSS
Exploits0References1
OSV
OSV
added 2026/03/30 9:17 p.m.5 views

ALPINE-CVE-2026-32883

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...

5.9CVSS5.3AI score0.00154EPSS
Exploits0References1
OSV
OSV
added 2026/03/30 9:17 p.m.3 views

DEBIAN-CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

8.2CVSS5.4AI score0.00278EPSS
Exploits0References1
OSV
OSV
added 2026/03/30 9:17 p.m.3 views

DEBIAN-CVE-2026-32883

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...

5.9CVSS5.3AI score0.00154EPSS
Exploits0References1
OSV
OSV
added 2026/03/30 9:17 p.m.6 views

ALPINE-CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

8.2CVSS5.4AI score0.00278EPSS
Exploits0References1
OSV
OSV
added 2026/03/30 9:17 p.m.2 views

UBUNTU-CVE-2026-32884

Botan is a C++ cryptography library. Prior to version 3.11.0, during processing of an X.509 certificate path using name constraints which restrict the set of allowable DNS names, if no subject alternative name is defined in the end-entity certificate Botan would check that the CN was allowed by t...

5.9CVSS5.7AI score0.00158EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/03/30 9:17 p.m.4 views

CVE-2026-32883

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...

5.9CVSS5.8AI score0.00154EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/03/30 9:17 p.m.4 views

CVE-2026-32884

Botan is a C++ cryptography library. Prior to version 3.11.0, during processing of an X.509 certificate path using name constraints which restrict the set of allowable DNS names, if no subject alternative name is defined in the end-entity certificate Botan would check that the CN was allowed by t...

5.9CVSS5.9AI score0.00158EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/03/30 9:17 p.m.5 views

CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

8.2CVSS5.8AI score0.00278EPSS
Exploits0References2
OSV
OSV
added 2026/03/30 9:17 p.m.4 views

UBUNTU-CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

8.2CVSS5.7AI score0.00278EPSS
Exploits0References3
OSV
OSV
added 2026/03/30 9:17 p.m.4 views

UBUNTU-CVE-2026-32883

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...

5.9CVSS5.7AI score0.00154EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/30 8:36 p.m.2 views

CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

8.2CVSS5.8AI score0.00278EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/03/30 8:36 p.m.7 views

EUVD-2026-17210

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

8.2CVSS5.8AI score0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/30 8:36 p.m.21 views

CVE-2026-32877 Botan: Heap Buffer Over-read in SM2 Decryption via Undersized C3 Hash Field

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

8.2CVSS0.00278EPSS
Exploits0References1
CVE
CVE
added 2026/03/30 8:36 p.m.25 views

CVE-2026-32877

CVE-2026-32877 affects Botan (C++ crypto library). From version 2.3.0 up to but not including 3.11.0, SM2 decryption incorrectly checked the length of the encoded C3 value before comparison, allowing an invalid ciphertext to cause a heap over-read of up to 31 bytes. This can lead to a crash or po...

8.2CVSS5.8AI score0.00278EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/03/30 8:36 p.m.7 views

CVE-2026-32877 Botan: Heap Buffer Over-read in SM2 Decryption via Undersized C3 Hash Field

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

8.2CVSS5.8AI score0.00278EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/03/30 8:36 p.m.3 views

CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

8.2CVSS5.7AI score0.00278EPSS
Exploits0References1
Rows per page
Query Builder