Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
botan project botan vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2015-7824
botan 1.11.x prior to 1.11.22 makes it easier for remote malicious users to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites.
Botan Project Botan
7.8
CVSSv2
CVE-2015-7825
botan prior to 1.11.22 improperly validates certificate paths, which allows remote malicious users to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain.
Botan Project Botan
7.5
CVSSv2
CVE-2015-7826
botan 1.11.x prior to 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote malicious users to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com.
Botan Project Botan
NA
CVE-2022-43705
In Botan prior to 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1.11.34 (November 2016).
Botan Project Botan
7.5
CVSSv2
CVE-2017-2801
A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server applic...
Botan Project Botan 2.0.1
2.6
CVSSv2
CVE-2021-40529
The ElGamal implementation in Botan up to and including 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public...
Botan Project Botan
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Mozilla Thunderbird
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3