3 matches found
Astra Linux – Vulnerability in Botan
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or by explicitly encoding the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted and exclude...
AZL-43825 CVE-2024-39312 affecting package botan2 2.14.0-2
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtree...
ALPINE-CVE-2021-4044
Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...