botan 1.11.x prior to 1.11.22 makes it easier for remote malicious users to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites.
botan project botan