Botan Security Vulnerabilities and Issues — Botan CVE List

Lucene search

Botan ProjectBotan

12 matches found

CVE•added 2018/04/12 5:29 a.m.•56 views

CVE-2018-9860

An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will subs...

7.5CVSS7.2AI score0.00499EPSS

CVE•added 2016/05/13 2:59 p.m.•55 views

CVE-2015-5726

The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data.

7.5CVSS8AI score0.00869EPSS

CVE•added 2016/05/13 2:59 p.m.•55 views

CVE-2016-2194

The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a composite modulus.

7.5CVSS8.1AI score0.017EPSS

CVE•added 2016/05/13 2:59 p.m.•48 views

CVE-2015-5727

The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field.

7.8CVSS8.1AI score0.00607EPSS

CVE•added 2016/05/13 2:59 p.m.•48 views

CVE-2016-2849

Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack.

7.5CVSS7.3AI score0.00586EPSS

CVE•added 2016/05/13 2:59 p.m.•46 views

CVE-2015-7827

Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding.

7.5CVSS7.4AI score0.00583EPSS

CVE•added 2016/05/13 2:59 p.m.•44 views

CVE-2016-2850

Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signature algorithms and (2) ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors.

7.5CVSS7.3AI score0.00434EPSS

CVE•added 2023/11/03 1:15 a.m.•42 views

CVE-2017-7252

bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.

7.5CVSS7.5AI score0.0009EPSS

CVE•added 2016/05/13 2:59 p.m.•37 views

CVE-2014-9742

The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group.

7.5CVSS7.3AI score0.00281EPSS

CVE•added 2017/04/10 3:59 p.m.•35 views

CVE-2016-6879

The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value.

7.5CVSS7.7AI score0.00185EPSS

CVE•added 2017/04/10 3:59 p.m.•31 views

CVE-2015-7825

botan before 1.11.22 improperly validates certificate paths, which allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain.

7.8CVSS7.3AI score0.0031EPSS

CVE•added 2017/04/10 3:59 p.m.•30 views

CVE-2015-7824

botan 1.11.x before 1.11.22 makes it easier for remote attackers to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites.

7.5CVSS7.4AI score0.00237EPSS