Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

botan project botan 1.11.31 vulnerabilities and exploits

(subscribe to this query)
2.1
CVSSv2
CVE-2016-8871
In Botan 1.11.29 up to and including 1.11.32, RSA decryption with certain padding options had a detectable timing channel which could given sufficient queries be used to recover plaintext, aka an "OAEP side channel" attack.
Botan Project Botan 1.11.32Botan Project Botan 1.11.30Botan Project Botan 1.11.31Botan Project Botan 1.11.29
5
CVSSv2
CVE-2016-6879
The X509_Certificate::allowed_usage function in botan 1.11.x prior to 1.11.31 might allow malicious users to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value.
Botan Project Botan 1.11.12Botan Project Botan 1.11.13Botan Project Botan 1.11.14Botan Project Botan 1.11.15Botan Project Botan 1.11.16Botan Project Botan 1.11.29Botan Project Botan 1.11.30Botan Project Botan 1.11.4Botan Project Botan 1.11.5Botan Project Botan 1.11.6Botan Project Botan 1.11.7Botan Project Botan 1.11.21Botan Project Botan 1.11.22Botan Project Botan 1.11.23Botan Project Botan 1.11.24Botan Project Botan 1.11.1Botan Project Botan 1.11.3Botan Project Botan 1.11.8Botan Project Botan 1.11.10Botan Project Botan 1.11.17Botan Project Botan 1.11.19Botan Project Botan 1.11.26
7.5
CVSSv2
CVE-2016-9132
In Botan 1.8.0 up to and including 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memor...
Botan Project Botan 1.10.7Botan Project Botan 1.9.9Botan Project Botan 1.11.18Botan Project Botan 1.9.17Botan Project Botan 1.11.0Botan Project Botan 1.10.9Botan Project Botan 1.11.21Botan Project Botan 1.11.26Botan Project Botan 1.8.4Botan Project Botan 1.11.32Botan Project Botan 1.10.15Botan Project Botan 1.11.19Botan Project Botan 1.9.10Botan Project Botan 1.10.12Botan Project Botan 1.8.0Botan Project Botan 1.9.3Botan Project Botan 1.11.12Botan Project Botan 1.9.4Botan Project Botan 1.10.8Botan Project Botan 1.9.8Botan Project Botan 1.8.13Botan Project Botan 1.9.13
7.5
CVSSv2
CVE-2016-6878
The Curve25519 code in botan prior to 1.11.31, on systems without a native 128-bit integer type, might allow malicious users to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang.
Botan Project Botan
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028memory leaklog injectionCVE-2024-3400CVE-2022-48695CVE-2022-48675CVE-2024-34487CVE-2024-33792spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook