Botan@1.10.0 Security Vulnerabilities and Issues — Botan@1.10.0 CVE List

Lucene search

Botan ProjectBotan1.10.0

3 matches found

CVE•added 2016/05/13 2:59 p.m.•55 views

CVE-2015-5726

The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data.

7.5CVSS8AI score0.00869EPSS

CVE•added 2017/01/30 10:59 p.m.•49 views

CVE-2016-9132

In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memory corruption or other failure.

9.8CVSS9.4AI score0.00484EPSS

CVE•added 2016/05/13 2:59 p.m.•48 views

CVE-2015-5727

The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field.

7.8CVSS8.1AI score0.00607EPSS