Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Botan ProjectBotan

7 matches found

CVE
CVEadded 2021/09/06 7:15 p.m.127 views

CVE-2021-40529

The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the r...

5.9CVSS5.7AI score0.00103EPSS
CVE
CVEadded 2017/09/26 1:29 a.m.69 views

CVE-2017-14737

A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key.

5.5CVSS5.2AI score0.00052EPSS
CVE
CVEadded 2018/06/15 2:29 a.m.68 views

CVE-2018-12435

Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ec_group/ec_group.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local mac...

5.9CVSS4.7AI score0.00153EPSS
CVE
CVEadded 2019/03/08 7:29 p.m.64 views

CVE-2018-20187

A side-channel issue was discovered in Botan before 2.9.0. An attacker capable of precisely measuring the time taken for ECC key generation may be able to derive information about the high bits of the secret key, as the function to derive the public point from the secret scalar uses an unblinded Mo...

5.9CVSS5.3AI score0.00516EPSS
CVE
CVEadded 2024/07/08 5:15 p.m.54 views

CVE-2024-39312

Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtrees ...

5.3CVSS5.8AI score0.00103EPSS
CVE
CVEadded 2024/10/23 5:15 p.m.47 views

CVE-2024-50382

Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM. There is a branch instead of an XOR with carry. This was observed for Clang in LLVM 15 on RISC-V.

5.9CVSS7AI score0.00124EPSS
CVE
CVEadded 2024/10/23 5:15 p.m.47 views

CVE-2024-50383

Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 (used in Chacha-Poly1305 and x25519). An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i38...

5.9CVSS7AI score0.00124EPSS