AZL-44214 CVE-2024-34703 affecting package botan2 2.14.0-2

Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to versions 3.3.0 and 2.19.4, an attacker could present an ECDSA X.509 certificate using explicit encoding where the parameter...

UBUNTU-CVE-2024-34703

Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to versions 3.3.0 and 2.19.4, an attacker could present an ECDSA X.509 certificate using explicit encoding where the parameter...

Astra Linux – Vulnerability in Botan

Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or by explicitly encoding the parameters. Before versions 3.3.0 and 2.19.4, an attacker could present an ECDSA X.509 certificate using explicit encoding, where the parameters wer...

USN-3692-1 openssl, openssl1.0 vulnerabilities

Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. CVE-2018-0495 Guido Vranken discovered that OpenSSL incorrectly handled very large prime values during a key...