Vulnerabilites related to botan_project - botan
CVE-2024-50382 (GCVE-0-2024-50382)
Vulnerability from cvelistv5
Published
2024-10-23 00:00
Modified
2024-10-24 19:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM. There is a branch instead of an XOR with carry. This was observed for Clang in LLVM 15 on RISC-V.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "botan",
"vendor": "botan_project",
"versions": [
{
"lessThan": "3.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-50382",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T19:56:36.771702Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-24T19:57:23.462Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM. There is a branch instead of an XOR with carry. This was observed for Clang in LLVM 15 on RISC-V."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T16:14:20.018587",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/randombit/botan/commit/53b0cfde580e86b03d0d27a488b6c134f662e957"
},
{
"url": "https://github.com/randombit/botan/compare/3.5.0...3.6.0"
},
{
"url": "https://arxiv.org/pdf/2410.13489"
},
{
"url": "https://news.ycombinator.com/item?id=41887153"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-50382",
"datePublished": "2024-10-23T00:00:00",
"dateReserved": "2024-10-23T00:00:00",
"dateUpdated": "2024-10-24T19:57:23.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5727 (GCVE-0-2015-5727)
Vulnerability from cvelistv5
Published
2016-05-13 14:00
Modified
2024-08-06 06:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:59:04.190Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3565",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://botan.randombit.net/security.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-08-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-05-13T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-3565",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://botan.randombit.net/security.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5727",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3565",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"name": "http://botan.randombit.net/security.html",
"refsource": "CONFIRM",
"url": "http://botan.randombit.net/security.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5727",
"datePublished": "2016-05-13T14:00:00",
"dateReserved": "2015-08-04T00:00:00",
"dateUpdated": "2024-08-06T06:59:04.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-50383 (GCVE-0-2024-50383)
Vulnerability from cvelistv5
Published
2024-10-23 00:00
Modified
2024-10-24 19:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 (used in Chacha-Poly1305 and x25519). An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i386. (Only 32-bit processors can be affected.)
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "botan",
"vendor": "botan_project",
"versions": [
{
"lessThan": "3.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-50383",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T19:53:31.821813Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-24T19:55:57.960Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 (used in Chacha-Poly1305 and x25519). An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i386. (Only 32-bit processors can be affected.)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T16:13:14.414506",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/randombit/botan/commit/53b0cfde580e86b03d0d27a488b6c134f662e957"
},
{
"url": "https://github.com/randombit/botan/compare/3.5.0...3.6.0"
},
{
"url": "https://arxiv.org/pdf/2410.13489"
},
{
"url": "https://news.ycombinator.com/item?id=41887153"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-50383",
"datePublished": "2024-10-23T00:00:00",
"dateReserved": "2024-10-23T00:00:00",
"dateUpdated": "2024-10-24T19:55:57.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14737 (GCVE-0-2017-14737)
Vulnerability from cvelistv5
Published
2017-09-26 01:00
Modified
2024-08-05 19:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:34:39.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/wang-shuai"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/randombit/botan/issues/1222"
},
{
"name": "[debian-lts-announce] 20211108 [SECURITY] [DLA 2812-1] botan1.10 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-09-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-09T01:06:13",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/wang-shuai"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/randombit/botan/issues/1222"
},
{
"name": "[debian-lts-announce] 20211108 [SECURITY] [DLA 2812-1] botan1.10 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00006.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-14737",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/wang-shuai",
"refsource": "MISC",
"url": "https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/wang-shuai"
},
{
"name": "https://github.com/randombit/botan/issues/1222",
"refsource": "MISC",
"url": "https://github.com/randombit/botan/issues/1222"
},
{
"name": "[debian-lts-announce] 20211108 [SECURITY] [DLA 2812-1] botan1.10 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00006.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-14737",
"datePublished": "2017-09-26T01:00:00",
"dateReserved": "2017-09-25T00:00:00",
"dateUpdated": "2024-08-05T19:34:39.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2195 (GCVE-0-2016-2195)
Vulnerability from cvelistv5
Published
2016-05-13 14:00
Modified
2024-08-05 23:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the PointGFp constructor in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to overwrite memory and possibly execute arbitrary code via a crafted ECC point, which triggers a heap-based buffer overflow.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:48.636Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[botan-devel] 20160201 Botan 1.11.28 and 1.10.11 released with security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145435148602911\u0026w=2"
},
{
"name": "DSA-3565",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"name": "GLSA-201612-38",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-38"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://botan.randombit.net/security.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the PointGFp constructor in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to overwrite memory and possibly execute arbitrary code via a crafted ECC point, which triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[botan-devel] 20160201 Botan 1.11.28 and 1.10.11 released with security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145435148602911\u0026w=2"
},
{
"name": "DSA-3565",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"name": "GLSA-201612-38",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-38"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://botan.randombit.net/security.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2195",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the PointGFp constructor in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to overwrite memory and possibly execute arbitrary code via a crafted ECC point, which triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[botan-devel] 20160201 Botan 1.11.28 and 1.10.11 released with security fixes",
"refsource": "MLIST",
"url": "http://marc.info/?l=botan-devel\u0026m=145435148602911\u0026w=2"
},
{
"name": "DSA-3565",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"name": "GLSA-201612-38",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-38"
},
{
"name": "http://botan.randombit.net/security.html",
"refsource": "CONFIRM",
"url": "http://botan.randombit.net/security.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2195",
"datePublished": "2016-05-13T14:00:00",
"dateReserved": "2016-01-29T00:00:00",
"dateUpdated": "2024-08-05T23:24:48.636Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-20187 (GCVE-0-2018-20187)
Vulnerability from cvelistv5
Published
2019-03-08 19:00
Modified
2024-08-05 11:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A side-channel issue was discovered in Botan before 2.9.0. An attacker capable of precisely measuring the time taken for ECC key generation may be able to derive information about the high bits of the secret key, as the function to derive the public point from the secret scalar uses an unblinded Montgomery ladder whose loop iteration count depends on the bitlength of the secret. This issue affects only key generation, not ECDSA signatures or ECDH key agreement.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:58:18.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/crocs-muni/ECTester"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://botan.randombit.net/news.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://botan.randombit.net/security.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A side-channel issue was discovered in Botan before 2.9.0. An attacker capable of precisely measuring the time taken for ECC key generation may be able to derive information about the high bits of the secret key, as the function to derive the public point from the secret scalar uses an unblinded Montgomery ladder whose loop iteration count depends on the bitlength of the secret. This issue affects only key generation, not ECDSA signatures or ECDH key agreement."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-08T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/crocs-muni/ECTester"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://botan.randombit.net/news.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://botan.randombit.net/security.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20187",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A side-channel issue was discovered in Botan before 2.9.0. An attacker capable of precisely measuring the time taken for ECC key generation may be able to derive information about the high bits of the secret key, as the function to derive the public point from the secret scalar uses an unblinded Montgomery ladder whose loop iteration count depends on the bitlength of the secret. This issue affects only key generation, not ECDSA signatures or ECDH key agreement."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/crocs-muni/ECTester",
"refsource": "MISC",
"url": "https://github.com/crocs-muni/ECTester"
},
{
"name": "https://botan.randombit.net/news.html",
"refsource": "MISC",
"url": "https://botan.randombit.net/news.html"
},
{
"name": "https://botan.randombit.net/security.html",
"refsource": "MISC",
"url": "https://botan.randombit.net/security.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20187",
"datePublished": "2019-03-08T19:00:00",
"dateReserved": "2018-12-17T00:00:00",
"dateUpdated": "2024-08-05T11:58:18.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8871 (GCVE-0-2016-8871)
Vulnerability from cvelistv5
Published
2016-10-28 15:00
Modified
2024-08-06 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Botan 1.11.29 through 1.11.32, RSA decryption with certain padding options had a detectable timing channel which could given sufficient queries be used to recover plaintext, aka an "OAEP side channel" attack.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:02.147Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://botan.randombit.net/security.html"
},
{
"name": "94225",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94225"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Botan 1.11.29 through 1.11.32, RSA decryption with certain padding options had a detectable timing channel which could given sufficient queries be used to recover plaintext, aka an \"OAEP side channel\" attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://botan.randombit.net/security.html"
},
{
"name": "94225",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94225"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Botan 1.11.29 through 1.11.32, RSA decryption with certain padding options had a detectable timing channel which could given sufficient queries be used to recover plaintext, aka an \"OAEP side channel\" attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://botan.randombit.net/security.html",
"refsource": "CONFIRM",
"url": "https://botan.randombit.net/security.html"
},
{
"name": "94225",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94225"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-8871",
"datePublished": "2016-10-28T15:00:00",
"dateReserved": "2016-10-21T00:00:00",
"dateUpdated": "2024-08-06T02:35:02.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7252 (GCVE-0-2017-7252)
Vulnerability from cvelistv5
Published
2023-11-03 00:00
Modified
2024-09-12 19:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:56:36.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://botan.randombit.net/security.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1034591"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-7252",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T20:14:36.640230Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T19:35:01.437Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-03T00:50:54.444172",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://botan.randombit.net/security.html"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1034591"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-7252",
"datePublished": "2023-11-03T00:00:00",
"dateReserved": "2017-03-24T00:00:00",
"dateUpdated": "2024-09-12T19:35:01.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6878 (GCVE-0-2016-6878)
Vulnerability from cvelistv5
Published
2017-04-10 15:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://botan.randombit.net/security.html#id2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://botan.randombit.net/security.html#id2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6878",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://botan.randombit.net/security.html#id2",
"refsource": "CONFIRM",
"url": "https://botan.randombit.net/security.html#id2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6878",
"datePublished": "2017-04-10T15:00:00",
"dateReserved": "2016-08-18T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2850 (GCVE-0-2016-2850)
Vulnerability from cvelistv5
Published
2016-05-13 14:00
Modified
2024-08-05 23:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signature algorithms and (2) ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:32:21.226Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[botan-devel] 20160321 Botan 1.11.29 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145852488622892\u0026w=2"
},
{
"name": "FEDORA-2016-a545f81683",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html"
},
{
"name": "GLSA-201701-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-23"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://botan.randombit.net/security.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signature algorithms and (2) ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[botan-devel] 20160321 Botan 1.11.29 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145852488622892\u0026w=2"
},
{
"name": "FEDORA-2016-a545f81683",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html"
},
{
"name": "GLSA-201701-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-23"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://botan.randombit.net/security.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2850",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signature algorithms and (2) ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[botan-devel] 20160321 Botan 1.11.29 released",
"refsource": "MLIST",
"url": "http://marc.info/?l=botan-devel\u0026m=145852488622892\u0026w=2"
},
{
"name": "FEDORA-2016-a545f81683",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html"
},
{
"name": "GLSA-201701-23",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-23"
},
{
"name": "http://botan.randombit.net/security.html",
"refsource": "CONFIRM",
"url": "http://botan.randombit.net/security.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2850",
"datePublished": "2016-05-13T14:00:00",
"dateReserved": "2016-03-06T00:00:00",
"dateUpdated": "2024-08-05T23:32:21.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24115 (GCVE-0-2021-24115)
Vulnerability from cvelistv5
Published
2021-02-22 01:57
Modified
2024-08-03 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex).
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:21:18.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/randombit/botan/compare/2.17.2...2.17.3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/randombit/botan/pull/2549"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://botan.randombit.net/news.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-22T01:57:58",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/randombit/botan/compare/2.17.2...2.17.3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/randombit/botan/pull/2549"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://botan.randombit.net/news.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-24115",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/randombit/botan/compare/2.17.2...2.17.3",
"refsource": "MISC",
"url": "https://github.com/randombit/botan/compare/2.17.2...2.17.3"
},
{
"name": "https://github.com/randombit/botan/pull/2549",
"refsource": "MISC",
"url": "https://github.com/randombit/botan/pull/2549"
},
{
"name": "https://botan.randombit.net/news.html",
"refsource": "CONFIRM",
"url": "https://botan.randombit.net/news.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-24115",
"datePublished": "2021-02-22T01:57:58",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:21:18.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2194 (GCVE-0-2016-2194)
Vulnerability from cvelistv5
Published
2016-05-13 14:00
Modified
2024-08-05 23:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a composite modulus.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:48.001Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[botan-devel] 20160201 Botan 1.11.28 and 1.10.11 released with security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145435148602911\u0026w=2"
},
{
"name": "[botan-devel] 20160203 Botan 1.10.12 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145449001708138\u0026w=2"
},
{
"name": "DSA-3565",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"name": "GLSA-201612-38",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-38"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://botan.randombit.net/security.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a composite modulus."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[botan-devel] 20160201 Botan 1.11.28 and 1.10.11 released with security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145435148602911\u0026w=2"
},
{
"name": "[botan-devel] 20160203 Botan 1.10.12 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145449001708138\u0026w=2"
},
{
"name": "DSA-3565",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"name": "GLSA-201612-38",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-38"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://botan.randombit.net/security.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2194",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a composite modulus."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[botan-devel] 20160201 Botan 1.11.28 and 1.10.11 released with security fixes",
"refsource": "MLIST",
"url": "http://marc.info/?l=botan-devel\u0026m=145435148602911\u0026w=2"
},
{
"name": "[botan-devel] 20160203 Botan 1.10.12 released",
"refsource": "MLIST",
"url": "http://marc.info/?l=botan-devel\u0026m=145449001708138\u0026w=2"
},
{
"name": "DSA-3565",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"name": "GLSA-201612-38",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-38"
},
{
"name": "http://botan.randombit.net/security.html",
"refsource": "CONFIRM",
"url": "http://botan.randombit.net/security.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2194",
"datePublished": "2016-05-13T14:00:00",
"dateReserved": "2016-01-29T00:00:00",
"dateUpdated": "2024-08-05T23:24:48.001Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7824 (GCVE-0-2015-7824)
Vulnerability from cvelistv5
Published
2017-04-10 15:00
Modified
2024-08-06 07:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
botan 1.11.x before 1.11.22 makes it easier for remote attackers to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:59:00.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311613"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://botan.randombit.net/security.html#id3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "botan 1.11.x before 1.11.22 makes it easier for remote attackers to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311613"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://botan.randombit.net/security.html#id3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "botan 1.11.x before 1.11.22 makes it easier for remote attackers to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1311613",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311613"
},
{
"name": "https://botan.randombit.net/security.html#id3",
"refsource": "CONFIRM",
"url": "https://botan.randombit.net/security.html#id3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-7824",
"datePublished": "2017-04-10T15:00:00",
"dateReserved": "2015-10-14T00:00:00",
"dateUpdated": "2024-08-06T07:59:00.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7827 (GCVE-0-2015-7827)
Vulnerability from cvelistv5
Published
2016-05-13 14:00
Modified
2024-08-06 07:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:58:59.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2016-a545f81683",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html"
},
{
"name": "DSA-3565",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"name": "[botan-devel] 20160428 Botan 1.10.13 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=botan-devel\u0026m=146185420505943\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://botan.randombit.net/security.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-06-01T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2016-a545f81683",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html"
},
{
"name": "DSA-3565",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"name": "[botan-devel] 20160428 Botan 1.10.13 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=botan-devel\u0026m=146185420505943\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://botan.randombit.net/security.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2016-a545f81683",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html"
},
{
"name": "DSA-3565",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"name": "[botan-devel] 20160428 Botan 1.10.13 released",
"refsource": "MLIST",
"url": "http://marc.info/?l=botan-devel\u0026m=146185420505943\u0026w=2"
},
{
"name": "http://botan.randombit.net/security.html",
"refsource": "CONFIRM",
"url": "http://botan.randombit.net/security.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-7827",
"datePublished": "2016-05-13T14:00:00",
"dateReserved": "2015-10-14T00:00:00",
"dateUpdated": "2024-08-06T07:58:59.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40529 (GCVE-0-2021-40529)
Vulnerability from cvelistv5
Published
2021-09-06 18:45
Modified
2024-08-04 02:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:44:10.857Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://eprint.iacr.org/2021/923"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/randombit/botan/pull/2790"
},
{
"name": "FEDORA-2021-14b0d97496",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPHGYWNJQKWLTUWBNSFB4F66MQDIL3IB/"
},
{
"name": "FEDORA-2021-8d51cac49f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/72NB4OLD3VHJC3YF3PEP2HKF6BYURPAO/"
},
{
"name": "GLSA-202208-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-14"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver\u0027s public key, the generator defined by the receiver\u0027s public key, and the sender\u0027s ephemeral exponents can lead to a cross-configuration attack against OpenPGP."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-10T05:13:35",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://eprint.iacr.org/2021/923"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/randombit/botan/pull/2790"
},
{
"name": "FEDORA-2021-14b0d97496",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPHGYWNJQKWLTUWBNSFB4F66MQDIL3IB/"
},
{
"name": "FEDORA-2021-8d51cac49f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/72NB4OLD3VHJC3YF3PEP2HKF6BYURPAO/"
},
{
"name": "GLSA-202208-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202208-14"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-40529",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver\u0027s public key, the generator defined by the receiver\u0027s public key, and the sender\u0027s ephemeral exponents can lead to a cross-configuration attack against OpenPGP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://eprint.iacr.org/2021/923",
"refsource": "MISC",
"url": "https://eprint.iacr.org/2021/923"
},
{
"name": "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1",
"refsource": "MISC",
"url": "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1"
},
{
"name": "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2",
"refsource": "MISC",
"url": "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2"
},
{
"name": "https://github.com/randombit/botan/pull/2790",
"refsource": "MISC",
"url": "https://github.com/randombit/botan/pull/2790"
},
{
"name": "FEDORA-2021-14b0d97496",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPHGYWNJQKWLTUWBNSFB4F66MQDIL3IB/"
},
{
"name": "FEDORA-2021-8d51cac49f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/72NB4OLD3VHJC3YF3PEP2HKF6BYURPAO/"
},
{
"name": "GLSA-202208-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-14"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-40529",
"datePublished": "2021-09-06T18:45:08",
"dateReserved": "2021-09-06T00:00:00",
"dateUpdated": "2024-08-04T02:44:10.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39312 (GCVE-0-2024-39312)
Vulnerability from cvelistv5
Published
2024-07-08 16:30
Modified
2024-08-02 04:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-295 - Improper Certificate Validation
Summary
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtrees and excluded subtrees, only the permitted subtree would be checked. If a certificate included a name which was permitted by the permitted subtree but also excluded by excluded subtree, it would be accepted. Fixed in versions 3.5.0 and 2.19.5.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:randombit:botan:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "botan",
"vendor": "randombit",
"versions": [
{
"lessThan": "2.19.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.5.0",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39312",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-08T19:57:15.379890Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-08T19:59:00.224Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:19:20.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/randombit/botan/security/advisories/GHSA-jp24-56jm-gg86",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/randombit/botan/security/advisories/GHSA-jp24-56jm-gg86"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "botan",
"vendor": "randombit",
"versions": [
{
"status": "affected",
"version": "\u003c 2.19.5"
},
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtrees and excluded subtrees, only the permitted subtree would be checked. If a certificate included a name which was permitted by the permitted subtree but also excluded by excluded subtree, it would be accepted. Fixed in versions 3.5.0 and 2.19.5."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295: Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-08T16:30:25.044Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/randombit/botan/security/advisories/GHSA-jp24-56jm-gg86",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/randombit/botan/security/advisories/GHSA-jp24-56jm-gg86"
}
],
"source": {
"advisory": "GHSA-jp24-56jm-gg86",
"discovery": "UNKNOWN"
},
"title": "Botan has an Authorization Error due to Name Constraint Decoding Bug"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-39312",
"datePublished": "2024-07-08T16:30:25.044Z",
"dateReserved": "2024-06-21T18:15:22.260Z",
"dateUpdated": "2024-08-02T04:19:20.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-12435 (GCVE-0-2018-12435)
Vulnerability from cvelistv5
Published
2018-06-15 02:00
Modified
2024-08-05 08:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ec_group/ec_group.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:38:04.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://botan.randombit.net/security.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/randombit/botan/commit/48fc8df51d99f9d8ba251219367b3d629cc848e3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ec_group/ec_group.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-07T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://botan.randombit.net/security.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/randombit/botan/commit/48fc8df51d99f9d8ba251219367b3d629cc848e3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12435",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ec_group/ec_group.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/",
"refsource": "MISC",
"url": "https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/"
},
{
"name": "https://botan.randombit.net/security.html",
"refsource": "CONFIRM",
"url": "https://botan.randombit.net/security.html"
},
{
"name": "https://github.com/randombit/botan/commit/48fc8df51d99f9d8ba251219367b3d629cc848e3",
"refsource": "CONFIRM",
"url": "https://github.com/randombit/botan/commit/48fc8df51d99f9d8ba251219367b3d629cc848e3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-12435",
"datePublished": "2018-06-15T02:00:00",
"dateReserved": "2018-06-14T00:00:00",
"dateUpdated": "2024-08-05T08:38:04.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9127 (GCVE-0-2018-9127)
Vulnerability from cvelistv5
Published
2018-04-02 17:00
Modified
2024-08-05 07:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must already have a wildcard certificate matching other hosts in the same domain. For example, b*.example.com would match some hostnames that do not begin with a 'b' character.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:17:51.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://botan.randombit.net/security.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-04-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must already have a wildcard certificate matching other hosts in the same domain. For example, b*.example.com would match some hostnames that do not begin with a \u0027b\u0027 character."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-02T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://botan.randombit.net/security.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must already have a wildcard certificate matching other hosts in the same domain. For example, b*.example.com would match some hostnames that do not begin with a \u0027b\u0027 character."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://botan.randombit.net/security.html",
"refsource": "MISC",
"url": "https://botan.randombit.net/security.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-9127",
"datePublished": "2018-04-02T17:00:00",
"dateReserved": "2018-03-29T00:00:00",
"dateUpdated": "2024-08-05T07:17:51.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9132 (GCVE-0-2016-9132)
Vulnerability from cvelistv5
Published
2017-01-30 22:00
Modified
2024-08-06 02:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memory corruption or other failure.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:42:10.498Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2016-7de64a450f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2Y3JLMTE3VIV4X5X6SXVZTJBDDLCS3D/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/randombit/botan/commit/987ad747db6d0d7e36f840398f3cf02e2fbfd90f"
},
{
"name": "95879",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95879"
},
{
"name": "FEDORA-2016-3b59109c48",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OUDGVRQYQUL7F5MRP3LAV7EHRJG4BBE/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memory corruption or other failure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-01T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2016-7de64a450f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2Y3JLMTE3VIV4X5X6SXVZTJBDDLCS3D/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/randombit/botan/commit/987ad747db6d0d7e36f840398f3cf02e2fbfd90f"
},
{
"name": "95879",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95879"
},
{
"name": "FEDORA-2016-3b59109c48",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OUDGVRQYQUL7F5MRP3LAV7EHRJG4BBE/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9132",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memory corruption or other failure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2016-7de64a450f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2Y3JLMTE3VIV4X5X6SXVZTJBDDLCS3D/"
},
{
"name": "https://github.com/randombit/botan/commit/987ad747db6d0d7e36f840398f3cf02e2fbfd90f",
"refsource": "CONFIRM",
"url": "https://github.com/randombit/botan/commit/987ad747db6d0d7e36f840398f3cf02e2fbfd90f"
},
{
"name": "95879",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95879"
},
{
"name": "FEDORA-2016-3b59109c48",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4OUDGVRQYQUL7F5MRP3LAV7EHRJG4BBE/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9132",
"datePublished": "2017-01-30T22:00:00",
"dateReserved": "2016-10-31T00:00:00",
"dateUpdated": "2024-08-06T02:42:10.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9860 (GCVE-0-2018-9860)
Vulnerability from cvelistv5
Published
2018-04-12 05:00
Modified
2024-08-05 07:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will subsequently fail and the connection will be closed. This could be used for denial of service. No information leak occurs.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:24:56.311Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7434"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://botan.randombit.net/security.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will subsequently fail and the connection will be closed. This could be used for denial of service. No information leak occurs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-12T04:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7434"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://botan.randombit.net/security.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9860",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will subsequently fail and the connection will be closed. This could be used for denial of service. No information leak occurs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7434",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7434"
},
{
"name": "https://botan.randombit.net/security.html",
"refsource": "MISC",
"url": "https://botan.randombit.net/security.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-9860",
"datePublished": "2018-04-12T05:00:00",
"dateReserved": "2018-04-09T00:00:00",
"dateUpdated": "2024-08-05T07:24:56.311Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7826 (GCVE-0-2015-7826)
Vulnerability from cvelistv5
Published
2017-04-10 15:00
Modified
2024-08-06 07:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:59:00.368Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311620"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://botan.randombit.net/security.html#id3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311620"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://botan.randombit.net/security.html#id3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1311620",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311620"
},
{
"name": "https://botan.randombit.net/security.html#id3",
"refsource": "CONFIRM",
"url": "https://botan.randombit.net/security.html#id3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-7826",
"datePublished": "2017-04-10T15:00:00",
"dateReserved": "2015-10-14T00:00:00",
"dateUpdated": "2024-08-06T07:59:00.368Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2849 (GCVE-0-2016-2849)
Vulnerability from cvelistv5
Published
2016-05-13 14:00
Modified
2024-08-05 23:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:32:21.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2016-a545f81683",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html"
},
{
"name": "DSA-3565",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"name": "[botan-devel] 20160428 Botan 1.10.13 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=botan-devel\u0026m=146185420505943\u0026w=2"
},
{
"name": "GLSA-201701-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-23"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://botan.randombit.net/security.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2016-a545f81683",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html"
},
{
"name": "DSA-3565",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"name": "[botan-devel] 20160428 Botan 1.10.13 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=botan-devel\u0026m=146185420505943\u0026w=2"
},
{
"name": "GLSA-201701-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-23"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://botan.randombit.net/security.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2849",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2016-a545f81683",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html"
},
{
"name": "DSA-3565",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"name": "[botan-devel] 20160428 Botan 1.10.13 released",
"refsource": "MLIST",
"url": "http://marc.info/?l=botan-devel\u0026m=146185420505943\u0026w=2"
},
{
"name": "GLSA-201701-23",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-23"
},
{
"name": "http://botan.randombit.net/security.html",
"refsource": "CONFIRM",
"url": "http://botan.randombit.net/security.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2849",
"datePublished": "2016-05-13T14:00:00",
"dateReserved": "2016-03-06T00:00:00",
"dateUpdated": "2024-08-05T23:32:21.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5726 (GCVE-0-2015-5726)
Vulnerability from cvelistv5
Published
2016-05-13 14:00
Modified
2024-08-06 06:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:59:04.293Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3565",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://botan.randombit.net/security.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-08-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-05-13T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-3565",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://botan.randombit.net/security.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5726",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3565",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"name": "http://botan.randombit.net/security.html",
"refsource": "CONFIRM",
"url": "http://botan.randombit.net/security.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5726",
"datePublished": "2016-05-13T14:00:00",
"dateReserved": "2015-08-04T00:00:00",
"dateUpdated": "2024-08-06T06:59:04.293Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6879 (GCVE-0-2016-6879)
Vulnerability from cvelistv5
Published
2017-04-10 15:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.433Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://botan.randombit.net/security.html#id2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://botan.randombit.net/security.html#id2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://botan.randombit.net/security.html#id2",
"refsource": "CONFIRM",
"url": "https://botan.randombit.net/security.html#id2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6879",
"datePublished": "2017-04-10T15:00:00",
"dateReserved": "2016-08-18T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2196 (GCVE-0-2016-2196)
Vulnerability from cvelistv5
Published
2016-05-13 14:00
Modified
2024-08-05 23:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the P-521 reduction function in Botan 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (memory overwrite and crash) or execute arbitrary code via unspecified vectors.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:48.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[botan-devel] 20160201 Botan 1.11.28 and 1.10.11 released with security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145435148602911\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://botan.randombit.net/security.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the P-521 reduction function in Botan 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (memory overwrite and crash) or execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-05-13T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[botan-devel] 20160201 Botan 1.11.28 and 1.10.11 released with security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145435148602911\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://botan.randombit.net/security.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2196",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the P-521 reduction function in Botan 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (memory overwrite and crash) or execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[botan-devel] 20160201 Botan 1.11.28 and 1.10.11 released with security fixes",
"refsource": "MLIST",
"url": "http://marc.info/?l=botan-devel\u0026m=145435148602911\u0026w=2"
},
{
"name": "http://botan.randombit.net/security.html",
"refsource": "CONFIRM",
"url": "http://botan.randombit.net/security.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2196",
"datePublished": "2016-05-13T14:00:00",
"dateReserved": "2016-01-29T00:00:00",
"dateUpdated": "2024-08-05T23:24:48.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9742 (GCVE-0-2014-9742)
Vulnerability from cvelistv5
Published
2016-05-13 14:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:55:04.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://botan.randombit.net/security.html"
},
{
"name": "[botan-devel] 20140411 Security Notification: Botan 1.10.8 + 1.11.9 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=botan-devel\u0026m=139717503205066\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-05-13T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://botan.randombit.net/security.html"
},
{
"name": "[botan-devel] 20140411 Security Notification: Botan 1.10.8 + 1.11.9 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=botan-devel\u0026m=139717503205066\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9742",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://botan.randombit.net/security.html",
"refsource": "CONFIRM",
"url": "http://botan.randombit.net/security.html"
},
{
"name": "[botan-devel] 20140411 Security Notification: Botan 1.10.8 + 1.11.9 released",
"refsource": "MLIST",
"url": "http://marc.info/?l=botan-devel\u0026m=139717503205066\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9742",
"datePublished": "2016-05-13T14:00:00",
"dateReserved": "2015-08-04T00:00:00",
"dateUpdated": "2024-08-06T13:55:04.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2801 (GCVE-0-2017-2801)
Vulnerability from cvelistv5
Published
2017-05-24 14:00
Modified
2024-08-05 14:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Certificate validation bypass
Summary
A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server application in order to trigger this vulnerability.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:07.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "98106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98106"
},
{
"name": "DSA-3939",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3939"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://talosintelligence.com/vulnerability_reports/TALOS-2017-0294"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Botan",
"vendor": "Randombit",
"versions": [
{
"status": "affected",
"version": "2.0.1"
}
]
}
],
"datePublic": "2017-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server application in order to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Certificate validation bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T18:22:26",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "98106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98106"
},
{
"name": "DSA-3939",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3939"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://talosintelligence.com/vulnerability_reports/TALOS-2017-0294"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2017-2801",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Botan",
"version": {
"version_data": [
{
"version_value": "2.0.1"
}
]
}
}
]
},
"vendor_name": "Randombit"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server application in order to trigger this vulnerability."
}
]
},
"impact": {
"cvss": {
"baseScore": 6.5,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Certificate validation bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98106"
},
{
"name": "DSA-3939",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3939"
},
{
"name": "http://talosintelligence.com/vulnerability_reports/TALOS-2017-0294",
"refsource": "MISC",
"url": "http://talosintelligence.com/vulnerability_reports/TALOS-2017-0294"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2017-2801",
"datePublished": "2017-05-24T14:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T14:02:07.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-43705 (GCVE-0-2022-43705)
Vulnerability from cvelistv5
Published
2022-11-27 00:00
Modified
2025-04-25 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1.11.34 (November 2016).
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:05.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/randombit/botan/releases/tag/2.19.3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/randombit/botan/security/advisories/GHSA-4v9w-qvcq-6q7w"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-43705",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-25T19:21:03.877247Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T19:21:47.339Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1.11.34 (November 2016)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-27T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/randombit/botan/releases/tag/2.19.3"
},
{
"url": "https://github.com/randombit/botan/security/advisories/GHSA-4v9w-qvcq-6q7w"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-43705",
"datePublished": "2022-11-27T00:00:00.000Z",
"dateReserved": "2022-10-24T00:00:00.000Z",
"dateUpdated": "2025-04-25T19:21:47.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7825 (GCVE-0-2015-7825)
Vulnerability from cvelistv5
Published
2017-04-10 15:00
Modified
2024-08-06 07:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
botan before 1.11.22 improperly validates certificate paths, which allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:59:00.466Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311618"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://botan.randombit.net/security.html#id3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "botan before 1.11.22 improperly validates certificate paths, which allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311618"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://botan.randombit.net/security.html#id3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7825",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "botan before 1.11.22 improperly validates certificate paths, which allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1311618",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311618"
},
{
"name": "https://botan.randombit.net/security.html#id3",
"refsource": "CONFIRM",
"url": "https://botan.randombit.net/security.html#id3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-7825",
"datePublished": "2017-04-10T15:00:00",
"dateReserved": "2015-10-14T00:00:00",
"dateUpdated": "2024-08-06T07:59:00.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2017-01-30 22:59
Modified
2025-04-20 01:37
Severity ?
Summary
In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memory corruption or other failure.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BCF05C1-B8BF-42E9-9CF9-2A8D710982D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5302F3D-0392-4F2A-B15F-46DE815FE91C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F74B3CE-B979-4A44-9F63-F2D7FBDEBE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D479AB3-10E2-4FA8-97FF-A5A3C4FD2F55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5120C5CC-612F-4F23-83EF-E06E051E26A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C5292018-AD4A-4DE7-90A4-F0DA78302F1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C824B62A-1C3B-4762-BEE3-600E8DCEC4A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AE2DAB5C-EAC8-4913-9C6B-C93445F42C70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F65C22FE-9D9C-4214-B410-83D4B0EB8B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FBF11BE-4128-4F4C-A1EA-C4FC82BEF896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E8348638-75EE-4F93-BDB9-D83FC49D4A27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.8.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A64335FF-84CB-4173-AB78-724D73A52FE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.8.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C7BA8902-B598-4847-817A-D6C5EBC82B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.8.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C34C78DE-81B6-4E23-A9EF-26F5F5247448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.8.14:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB8A484-388A-4250-8562-4EFD93BD29CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.8.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B612B014-45E0-4140-BAD5-4F694BB92E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "25ECCD5D-5066-493A-BEEB-8E0EE19A4CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED317B05-C7BE-475B-A114-D5ECF5DCB300",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "449C1438-4EA5-49F8-A8B8-2D7D7771B384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A9B801-7244-4FD4-9DF3-7CC774D9F0EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A10143-2149-41A5-B8A5-7A23973605C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0D0FD2-B645-4AA7-A132-1C59E9BB5EBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E1A76C74-5B6F-4351-8D14-E91ABF80AC30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A691B863-A0A0-4F83-A63B-275100630D3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1C709FA5-154C-4AAB-BF76-8772932FCE78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3E06F7D8-7CF6-485C-B1CE-09F01C84F816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "27E0B1DD-7FA4-4027-8354-C5A32E01E52A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C399DB-10C9-40AF-8B09-203F24B2372F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.12:*:*:*:*:*:*:*",
"matchCriteriaId": "055D4788-0AB3-41B9-B29D-4D01ACBA53E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.13:*:*:*:*:*:*:*",
"matchCriteriaId": "7E30BBE7-A70F-41EF-A24B-B9F98671EE63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F7052BEA-DBAE-49B2-8B8F-813CBD90C7D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8751657C-7429-48C6-80DA-5C357C1A7900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.16:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA21B4F-5540-4ABB-BE98-472E5AF56AA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.17:*:*:*:*:*:*:*",
"matchCriteriaId": "085082D9-B570-477B-8CC5-165733CD0879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.9.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F25057AB-216F-4935-A91C-2F7DCB23F467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BF9AE6F-F5F5-407E-B9F9-6805007FF0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4208C6E7-E8F8-4BBF-82E5-667A836874FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "12524EA6-8829-4EA2-9FD0-BB5689B96CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "28BAD0B6-C730-4E0A-AB96-D2135EB8EF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC905D6-E6B5-41AA-83DA-F8A181ADB32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "99607C87-A1B9-4F3E-9CA7-6E36BF489CB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9C2C1C03-18DF-48CD-A170-37FAD0AC2CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EB87A46C-27E5-4529-95A8-39A390638F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B55AB6-85CF-4000-A8BC-76E489371FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.9:*:*:*:*:*:*:*",
"matchCriteriaId": "49D189C3-3162-483C-BB86-614D7078B761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "91A7E942-348E-4E92-9916-DA3C9C79F85A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A5C1AAF6-6DB1-496A-9DB6-C1BF2E8C0495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C350F9C0-4D81-4824-A932-36419DA6C813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.13:*:*:*:*:*:*:*",
"matchCriteriaId": "747ED001-1391-4B64-A409-686BE638C266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.14:*:*:*:*:*:*:*",
"matchCriteriaId": "B468E305-F29B-4794-80AD-708067CAD59F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.15:*:*:*:*:*:*:*",
"matchCriteriaId": "5743A6CF-5ED6-41AF-9442-917E94BA49BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C098FACD-8EDB-4A97-BA9F-39472F400F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1B306E-BCD0-4839-9D20-921BA5BEB1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C30E1A6A-5944-4D82-8EFB-67639E9BE246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "92649934-B0EB-4D27-AA54-760E7832E70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F80D802-D5AD-4A41-B5A3-23B7AE923053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F809C01-0A6E-4EDD-B9C1-6B1B41368B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8582CD-E9CE-4A56-83D2-33CFBC4BBE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46EAF817-CCF2-40C3-A556-BA17895165DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "92649146-62FC-4984-A726-18C9468240F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B4928BBB-AD18-4EA5-98E4-9CB3CC75376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "229A6D01-3882-4F3F-92F5-517F79644480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B0699917-881B-4BA3-9D88-0ED47954DEA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCDCE72-44D7-442C-AF2A-EDC9E39126D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D55DBFAF-48C1-412C-B56D-EBD7EC82588A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBAC97E-B04F-48EA-87C8-62FD14B0E759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.15:*:*:*:*:*:*:*",
"matchCriteriaId": "4A00B6F0-7DCC-46D4-818A-F17BFAF18E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.16:*:*:*:*:*:*:*",
"matchCriteriaId": "61529353-E862-44AD-84EC-778B65C88112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.17:*:*:*:*:*:*:*",
"matchCriteriaId": "B683D891-9A15-40F5-82B0-5B16359330F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EE4374-31D9-4E68-A700-AFF590F37283",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.19:*:*:*:*:*:*:*",
"matchCriteriaId": "7F536ECD-C3D9-4997-A936-7E415A670E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.20:*:*:*:*:*:*:*",
"matchCriteriaId": "CF026C4E-FEAE-47A1-A3CA-330DBE6250ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.21:*:*:*:*:*:*:*",
"matchCriteriaId": "BA36F817-A50B-40E6-811B-B331BA2229A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7CD5BD-2938-4C79-95A7-96AC1BB037A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.24:*:*:*:*:*:*:*",
"matchCriteriaId": "49D16EDE-885C-450F-85AD-3F49ABA6C340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.25:*:*:*:*:*:*:*",
"matchCriteriaId": "436B72BE-9E39-46F0-869A-C18B74EB1217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E4107FF3-20B0-4D9D-9555-2022E48D91A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.27:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D0DB79-ABE4-49A7-A194-E1B6007B2719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.28:*:*:*:*:*:*:*",
"matchCriteriaId": "7DB4D3A5-4493-4E53-A52D-77D60099DAF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.29:*:*:*:*:*:*:*",
"matchCriteriaId": "B31BCFA3-67C3-4AAF-A558-902FAFEC3C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.30:*:*:*:*:*:*:*",
"matchCriteriaId": "434C1EF2-D18A-4459-AF5B-57858A2C1DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.31:*:*:*:*:*:*:*",
"matchCriteriaId": "292DE6D3-FFCF-4BFC-AC2F-F030B291CFF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.32:*:*:*:*:*:*:*",
"matchCriteriaId": "AA217C5B-E6AF-43F0-84A1-778B0FE3351F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.33:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E6A828-A610-4428-AD75-9CA594E06B66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memory corruption or other failure."
},
{
"lang": "es",
"value": "En Botan 1.8.0 hasta la versi\u00f3n 1.11.33, al decodificar datos BER podr\u00eda producirse un desbordamiento de enteros, lo que causar\u00eda que se calculara un campo de longitud incorrecto. Algunos llamadores API pueden utilizar el campo de longitud devuelto (incorrecto y manipulado por el atacante) de manera que posteriormente provoque da\u00f1os en la memoria u otro error."
}
],
"id": "CVE-2016-9132",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-30T22:59:00.827",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95879"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/randombit/botan/commit/987ad747db6d0d7e36f840398f3cf02e2fbfd90f"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OUDGVRQYQUL7F5MRP3LAV7EHRJG4BBE/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2Y3JLMTE3VIV4X5X6SXVZTJBDDLCS3D/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95879"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/randombit/botan/commit/987ad747db6d0d7e36f840398f3cf02e2fbfd90f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OUDGVRQYQUL7F5MRP3LAV7EHRJG4BBE/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2Y3JLMTE3VIV4X5X6SXVZTJBDDLCS3D/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-09-26 01:29
Modified
2025-04-20 01:37
Severity ?
Summary
A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/randombit/botan/issues/1222 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2021/11/msg00006.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/wang-shuai | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/randombit/botan/issues/1222 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2021/11/msg00006.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/wang-shuai | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAEF77B-BB38-45E4-9859-911212C269B5",
"versionEndIncluding": "1.10.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C098FACD-8EDB-4A97-BA9F-39472F400F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1B306E-BCD0-4839-9D20-921BA5BEB1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C30E1A6A-5944-4D82-8EFB-67639E9BE246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "92649934-B0EB-4D27-AA54-760E7832E70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F80D802-D5AD-4A41-B5A3-23B7AE923053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F809C01-0A6E-4EDD-B9C1-6B1B41368B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8582CD-E9CE-4A56-83D2-33CFBC4BBE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46EAF817-CCF2-40C3-A556-BA17895165DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "92649146-62FC-4984-A726-18C9468240F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B4928BBB-AD18-4EA5-98E4-9CB3CC75376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "229A6D01-3882-4F3F-92F5-517F79644480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B0699917-881B-4BA3-9D88-0ED47954DEA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCDCE72-44D7-442C-AF2A-EDC9E39126D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D55DBFAF-48C1-412C-B56D-EBD7EC82588A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBAC97E-B04F-48EA-87C8-62FD14B0E759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.15:*:*:*:*:*:*:*",
"matchCriteriaId": "4A00B6F0-7DCC-46D4-818A-F17BFAF18E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.16:*:*:*:*:*:*:*",
"matchCriteriaId": "61529353-E862-44AD-84EC-778B65C88112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.17:*:*:*:*:*:*:*",
"matchCriteriaId": "B683D891-9A15-40F5-82B0-5B16359330F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EE4374-31D9-4E68-A700-AFF590F37283",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.19:*:*:*:*:*:*:*",
"matchCriteriaId": "7F536ECD-C3D9-4997-A936-7E415A670E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.20:*:*:*:*:*:*:*",
"matchCriteriaId": "CF026C4E-FEAE-47A1-A3CA-330DBE6250ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.21:*:*:*:*:*:*:*",
"matchCriteriaId": "BA36F817-A50B-40E6-811B-B331BA2229A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "80F7E018-B544-4A7F-ABE1-737988AE0382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7CD5BD-2938-4C79-95A7-96AC1BB037A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.24:*:*:*:*:*:*:*",
"matchCriteriaId": "49D16EDE-885C-450F-85AD-3F49ABA6C340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.25:*:*:*:*:*:*:*",
"matchCriteriaId": "436B72BE-9E39-46F0-869A-C18B74EB1217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E4107FF3-20B0-4D9D-9555-2022E48D91A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.27:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D0DB79-ABE4-49A7-A194-E1B6007B2719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.28:*:*:*:*:*:*:*",
"matchCriteriaId": "7DB4D3A5-4493-4E53-A52D-77D60099DAF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.33:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E6A828-A610-4428-AD75-9CA594E06B66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.34:*:*:*:*:*:*:*",
"matchCriteriaId": "F950A7F7-416F-481C-9EF3-09C2F9AFAE4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9ED962E0-714F-4DA5-B495-A7895C5F8232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9287361E-DC3A-4E80-BBA3-30D0419ACBC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04F79C8A-DE48-4A2D-8670-7411870562AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "298B6CD3-3EC1-47A7-B0E5-E28966C11BD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key."
},
{
"lang": "es",
"value": "Un canal lateral criptogr\u00e1fico basado en cach\u00e9 en la implementaci\u00f3n RSA en Botan en versiones anteriores a la 1.10.17 y las versiones 1.11.x y 2.x anteriores a la 2.3.0 permite que un atacante local recupere informaci\u00f3n sobre las claves secretas RSA, tal y como demuestra CacheD. Esto ocurre porque un array se indexa con bits derivados de una clave secreta."
}
],
"id": "CVE-2017-14737",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-26T01:29:03.303",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/randombit/botan/issues/1222"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/wang-shuai"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/randombit/botan/issues/1222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/wang-shuai"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 24 | |
| botan_project | botan | * | |
| botan_project | botan | 1.11.0 | |
| botan_project | botan | 1.11.1 | |
| botan_project | botan | 1.11.2 | |
| botan_project | botan | 1.11.3 | |
| botan_project | botan | 1.11.4 | |
| botan_project | botan | 1.11.5 | |
| botan_project | botan | 1.11.6 | |
| botan_project | botan | 1.11.7 | |
| botan_project | botan | 1.11.8 | |
| botan_project | botan | 1.11.9 | |
| botan_project | botan | 1.11.10 | |
| botan_project | botan | 1.11.11 | |
| botan_project | botan | 1.11.12 | |
| botan_project | botan | 1.11.13 | |
| botan_project | botan | 1.11.14 | |
| botan_project | botan | 1.11.15 | |
| botan_project | botan | 1.11.16 | |
| botan_project | botan | 1.11.17 | |
| botan_project | botan | 1.11.18 | |
| botan_project | botan | 1.11.19 | |
| botan_project | botan | 1.11.20 | |
| botan_project | botan | 1.11.21 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*",
"matchCriteriaId": "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7D656B-617B-4F6D-AFDD-4402A6D6ADBD",
"versionEndIncluding": "1.10.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C098FACD-8EDB-4A97-BA9F-39472F400F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1B306E-BCD0-4839-9D20-921BA5BEB1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C30E1A6A-5944-4D82-8EFB-67639E9BE246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "92649934-B0EB-4D27-AA54-760E7832E70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F80D802-D5AD-4A41-B5A3-23B7AE923053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F809C01-0A6E-4EDD-B9C1-6B1B41368B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8582CD-E9CE-4A56-83D2-33CFBC4BBE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46EAF817-CCF2-40C3-A556-BA17895165DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "92649146-62FC-4984-A726-18C9468240F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B4928BBB-AD18-4EA5-98E4-9CB3CC75376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "229A6D01-3882-4F3F-92F5-517F79644480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B0699917-881B-4BA3-9D88-0ED47954DEA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCDCE72-44D7-442C-AF2A-EDC9E39126D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D55DBFAF-48C1-412C-B56D-EBD7EC82588A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBAC97E-B04F-48EA-87C8-62FD14B0E759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.15:*:*:*:*:*:*:*",
"matchCriteriaId": "4A00B6F0-7DCC-46D4-818A-F17BFAF18E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.16:*:*:*:*:*:*:*",
"matchCriteriaId": "61529353-E862-44AD-84EC-778B65C88112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.17:*:*:*:*:*:*:*",
"matchCriteriaId": "B683D891-9A15-40F5-82B0-5B16359330F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EE4374-31D9-4E68-A700-AFF590F37283",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.19:*:*:*:*:*:*:*",
"matchCriteriaId": "7F536ECD-C3D9-4997-A936-7E415A670E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.20:*:*:*:*:*:*:*",
"matchCriteriaId": "CF026C4E-FEAE-47A1-A3CA-330DBE6250ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.21:*:*:*:*:*:*:*",
"matchCriteriaId": "BA36F817-A50B-40E6-811B-B331BA2229A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding."
},
{
"lang": "es",
"value": "Botan en versiones anteriores a 1.10.13 y 1.11.x en versiones anteriores a 1.11.22 hace que sea m\u00e1s f\u00e1cil para atacantes remotos llevar a cabo ataques de millones de mensajes mediante la medici\u00f3n de diferencias de tiempo, relacionado con la decodificaci\u00f3n de relleno de PKCS#1."
}
],
"id": "CVE-2015-7827",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T14:59:03.493",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=botan-devel\u0026m=146185420505943\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=botan-devel\u0026m=146185420505943\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3565"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-08 19:29
Modified
2024-11-21 04:01
Severity ?
Summary
A side-channel issue was discovered in Botan before 2.9.0. An attacker capable of precisely measuring the time taken for ECC key generation may be able to derive information about the high bits of the secret key, as the function to derive the public point from the secret scalar uses an unblinded Montgomery ladder whose loop iteration count depends on the bitlength of the secret. This issue affects only key generation, not ECDSA signatures or ECDH key agreement.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://botan.randombit.net/news.html | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://botan.randombit.net/security.html | Vendor Advisory | |
| cve@mitre.org | https://github.com/crocs-muni/ECTester | Not Applicable, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://botan.randombit.net/news.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://botan.randombit.net/security.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/crocs-muni/ECTester | Not Applicable, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1FAA67-A163-4976-B133-2A6281733EA1",
"versionEndExcluding": "2.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A side-channel issue was discovered in Botan before 2.9.0. An attacker capable of precisely measuring the time taken for ECC key generation may be able to derive information about the high bits of the secret key, as the function to derive the public point from the secret scalar uses an unblinded Montgomery ladder whose loop iteration count depends on the bitlength of the secret. This issue affects only key generation, not ECDSA signatures or ECDH key agreement."
},
{
"lang": "es",
"value": "Se ha detectado un fallo de canal lateral en Botan en versiones anteriores a la 2.9.0. Un atacante que sea capaz de medir con precisi\u00f3n el tiempo que tarda en generarse una clave ECC podr\u00eda ser capaz de obtener informaci\u00f3n sobre el alto n\u00famero de bits de la clave secreta, ya que la funci\u00f3n para obtener el punto p\u00fablico del escalar secreto emplea una \"escalera de Montgomery\", cuya iteraci\u00f3n de bucles depende de la longitud de bits del secreto. Esto afecta solamente a la generaci\u00f3n de claves y no a las firmas ECDSA y concordancia de claves ECDH."
}
],
"id": "CVE-2018-20187",
"lastModified": "2024-11-21T04:01:02.913",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-08T19:29:00.250",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://botan.randombit.net/news.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://botan.randombit.net/security.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Third Party Advisory"
],
"url": "https://github.com/crocs-muni/ECTester"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://botan.randombit.net/news.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://botan.randombit.net/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Third Party Advisory"
],
"url": "https://github.com/crocs-muni/ECTester"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-320"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-06 19:15
Modified
2024-11-21 06:24
Severity ?
Summary
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| mozilla | thunderbird | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04A4430C-0659-46B9-91B3-F933E2F59762",
"versionEndIncluding": "2.18.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E43B867-19B2-4006-A20D-4E05DDFC51DF",
"versionEndExcluding": "91.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver\u0027s public key, the generator defined by the receiver\u0027s public key, and the sender\u0027s ephemeral exponents can lead to a cross-configuration attack against OpenPGP."
},
{
"lang": "es",
"value": "Una implementaci\u00f3n de ElGamal en Botan versiones hasta 2.18.1, tal y como se usa en Thunderbird y otros productos, permite una recuperaci\u00f3n de texto plano porque, durante la interacci\u00f3n entre dos bibliotecas criptogr\u00e1ficas, una determinada combinaci\u00f3n peligrosa del primo definido por la clave p\u00fablica del receptor, el generador definido por la clave p\u00fablica del receptor y los exponentes ef\u00edmeros del emisor puede conllevar a un ataque de configuraci\u00f3n cruzada contra OpenPGP."
}
],
"id": "CVE-2021-40529",
"lastModified": "2024-11-21T06:24:20.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-06T19:15:07.630",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://eprint.iacr.org/2021/923"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/randombit/botan/pull/2790"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/72NB4OLD3VHJC3YF3PEP2HKF6BYURPAO/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPHGYWNJQKWLTUWBNSFB4F66MQDIL3IB/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://eprint.iacr.org/2021/923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/randombit/botan/pull/2790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/72NB4OLD3VHJC3YF3PEP2HKF6BYURPAO/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPHGYWNJQKWLTUWBNSFB4F66MQDIL3IB/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-14"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in the PointGFp constructor in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to overwrite memory and possibly execute arbitrary code via a crafted ECC point, which triggers a heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * | |
| botan_project | botan | 1.11.0 | |
| botan_project | botan | 1.11.1 | |
| botan_project | botan | 1.11.2 | |
| botan_project | botan | 1.11.3 | |
| botan_project | botan | 1.11.4 | |
| botan_project | botan | 1.11.5 | |
| botan_project | botan | 1.11.6 | |
| botan_project | botan | 1.11.7 | |
| botan_project | botan | 1.11.8 | |
| botan_project | botan | 1.11.9 | |
| botan_project | botan | 1.11.10 | |
| botan_project | botan | 1.11.11 | |
| botan_project | botan | 1.11.12 | |
| botan_project | botan | 1.11.13 | |
| botan_project | botan | 1.11.14 | |
| botan_project | botan | 1.11.15 | |
| botan_project | botan | 1.11.16 | |
| botan_project | botan | 1.11.17 | |
| botan_project | botan | 1.11.18 | |
| botan_project | botan | 1.11.19 | |
| botan_project | botan | 1.11.20 | |
| botan_project | botan | 1.11.21 | |
| botan_project | botan | 1.11.22 | |
| botan_project | botan | 1.11.23 | |
| botan_project | botan | 1.11.24 | |
| botan_project | botan | 1.11.25 | |
| botan_project | botan | 1.11.26 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "251A4CDC-A1A6-460F-841A-D8C18DAC1C16",
"versionEndIncluding": "1.10.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C098FACD-8EDB-4A97-BA9F-39472F400F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1B306E-BCD0-4839-9D20-921BA5BEB1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C30E1A6A-5944-4D82-8EFB-67639E9BE246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "92649934-B0EB-4D27-AA54-760E7832E70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F80D802-D5AD-4A41-B5A3-23B7AE923053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F809C01-0A6E-4EDD-B9C1-6B1B41368B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8582CD-E9CE-4A56-83D2-33CFBC4BBE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46EAF817-CCF2-40C3-A556-BA17895165DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "92649146-62FC-4984-A726-18C9468240F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B4928BBB-AD18-4EA5-98E4-9CB3CC75376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "229A6D01-3882-4F3F-92F5-517F79644480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B0699917-881B-4BA3-9D88-0ED47954DEA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCDCE72-44D7-442C-AF2A-EDC9E39126D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D55DBFAF-48C1-412C-B56D-EBD7EC82588A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBAC97E-B04F-48EA-87C8-62FD14B0E759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.15:*:*:*:*:*:*:*",
"matchCriteriaId": "4A00B6F0-7DCC-46D4-818A-F17BFAF18E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.16:*:*:*:*:*:*:*",
"matchCriteriaId": "61529353-E862-44AD-84EC-778B65C88112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.17:*:*:*:*:*:*:*",
"matchCriteriaId": "B683D891-9A15-40F5-82B0-5B16359330F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EE4374-31D9-4E68-A700-AFF590F37283",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.19:*:*:*:*:*:*:*",
"matchCriteriaId": "7F536ECD-C3D9-4997-A936-7E415A670E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.20:*:*:*:*:*:*:*",
"matchCriteriaId": "CF026C4E-FEAE-47A1-A3CA-330DBE6250ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.21:*:*:*:*:*:*:*",
"matchCriteriaId": "BA36F817-A50B-40E6-811B-B331BA2229A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "80F7E018-B544-4A7F-ABE1-737988AE0382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7CD5BD-2938-4C79-95A7-96AC1BB037A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.24:*:*:*:*:*:*:*",
"matchCriteriaId": "49D16EDE-885C-450F-85AD-3F49ABA6C340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.25:*:*:*:*:*:*:*",
"matchCriteriaId": "436B72BE-9E39-46F0-869A-C18B74EB1217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E4107FF3-20B0-4D9D-9555-2022E48D91A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the PointGFp constructor in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to overwrite memory and possibly execute arbitrary code via a crafted ECC point, which triggers a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en el constructor PointGFp en Botan en versiones anteriores a 1.10.11 y 1.11.x en versiones anteriores a 1.11.27 permite a atacantes remotos sobrescribir memoria y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un punto ECC manipulado, lo que desencadena un desbordamiento de buffer basado en memoria din\u00e1mica."
}
],
"id": "CVE-2016-2195",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T14:59:08.727",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145435148602911\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201612-38"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145435148602911\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201612-38"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-22 02:15
Modified
2024-11-21 05:52
Severity ?
Summary
In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://botan.randombit.net/news.html | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://github.com/randombit/botan/compare/2.17.2...2.17.3 | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/randombit/botan/pull/2549 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://botan.randombit.net/news.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/randombit/botan/compare/2.17.2...2.17.3 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/randombit/botan/pull/2549 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0913558B-6F4A-43B4-96F4-18E0533E5A25",
"versionEndExcluding": "2.17.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex)."
},
{
"lang": "es",
"value": "En Botan versiones anteriores a 2.17.3, los c\u00e1lculos de tiempo constante no son usados para determinadas operaciones de decodificaci\u00f3n y codificaci\u00f3n (base32, base58, base64 y hex)"
}
],
"id": "CVE-2021-24115",
"lastModified": "2024-11-21T05:52:23.223",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-22T02:15:14.180",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://botan.randombit.net/news.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/randombit/botan/compare/2.17.2...2.17.3"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/randombit/botan/pull/2549"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://botan.randombit.net/news.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/randombit/botan/compare/2.17.2...2.17.3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/randombit/botan/pull/2549"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-12 05:29
Modified
2024-11-21 04:15
Severity ?
Summary
An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will subsequently fail and the connection will be closed. This could be used for denial of service. No information leak occurs.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "760DA2BA-46D0-459F-B132-9F184A66EB9B",
"versionEndExcluding": "2.6.0",
"versionStartIncluding": "1.11.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will subsequently fail and the connection will be closed. This could be used for denial of service. No information leak occurs."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Botan desde la versi\u00f3n 1.11.32 hasta las versiones 2.x anteriores a la 2.6.0. Un error por un paso cuando se procesa texto cifrado TLS-CBC mal formado podr\u00eda provocar que la parte receptora incluya en el c\u00e1lculo de la HMAC exactamente 64K bytes de datos junto con el b\u00fafer del registro. Esto tambi\u00e9n se conoce como sobrelectura. La comparaci\u00f3n de MAC fallar\u00eda en consecuencia y la conexi\u00f3n se cerrar\u00eda. Esto se podr\u00eda utilizar para realizar una denegaci\u00f3n de servicio (DoS). No ocurre ninguna fuga de informaci\u00f3n."
}
],
"id": "CVE-2018-9860",
"lastModified": "2024-11-21T04:15:49.560",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-12T05:29:00.220",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://botan.randombit.net/security.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://botan.randombit.net/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7434"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-193"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-05-24 14:29
Modified
2025-04-20 01:37
Severity ?
6.5 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server application in order to trigger this vulnerability.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| talos-cna@cisco.com | http://talosintelligence.com/vulnerability_reports/TALOS-2017-0294 | Exploit, Mitigation, Third Party Advisory, VDB Entry | |
| talos-cna@cisco.com | http://www.debian.org/security/2017/dsa-3939 | ||
| talos-cna@cisco.com | http://www.securityfocus.com/bid/98106 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://talosintelligence.com/vulnerability_reports/TALOS-2017-0294 | Exploit, Mitigation, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2017/dsa-3939 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98106 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | 2.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9287361E-DC3A-4E80-BBA3-30D0419ACBC4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server application in order to trigger this vulnerability."
},
{
"lang": "es",
"value": "Existe un error de programaci\u00f3n en una manera en que la biblioteca criptogr\u00e1fica Randombit Botan versi\u00f3n 2.0.1, implementa comparaciones de cadenas x500 que podr\u00edan conllevar problemas de comprobaci\u00f3n de certificados y violarlos. Un certificado X509 especialmente dise\u00f1ado deber\u00eda entregarse al cliente o a la aplicaci\u00f3n del servidor para desencadenar esta vulnerabilidad."
}
],
"id": "CVE-2017-2801",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.7,
"source": "talos-cna@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-24T14:29:00.537",
"references": [
{
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://talosintelligence.com/vulnerability_reports/TALOS-2017-0294"
},
{
"source": "talos-cna@cisco.com",
"url": "http://www.debian.org/security/2017/dsa-3939"
},
{
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.securityfocus.com/bid/98106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://talosintelligence.com/vulnerability_reports/TALOS-2017-0294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.securityfocus.com/bid/98106"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-07-08 17:15
Modified
2025-04-11 14:09
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtrees and excluded subtrees, only the permitted subtree would be checked. If a certificate included a name which was permitted by the permitted subtree but also excluded by excluded subtree, it would be accepted. Fixed in versions 3.5.0 and 2.19.5.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * | |
| botan_project | botan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61B1DDAB-A102-4C7D-B680-1544D88151E4",
"versionEndExcluding": "2.19.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85DA9E3B-CA36-4070-941B-D6811931D262",
"versionEndExcluding": "3.5.0",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtrees and excluded subtrees, only the permitted subtree would be checked. If a certificate included a name which was permitted by the permitted subtree but also excluded by excluded subtree, it would be accepted. Fixed in versions 3.5.0 and 2.19.5."
},
{
"lang": "es",
"value": "Botan es una librer\u00eda de criptograf\u00eda C++. Los certificados X.509 pueden identificar curvas el\u00edpticas utilizando un identificador de objeto o una codificaci\u00f3n expl\u00edcita de los par\u00e1metros. Un error en el an\u00e1lisis de las extensiones de restricci\u00f3n de nombres en los certificados X.509 significaba que si la extensi\u00f3n inclu\u00eda tanto sub\u00e1rboles permitidos como sub\u00e1rboles excluidos, solo se verificar\u00eda el sub\u00e1rbol permitido. Si un certificado incluyera un nombre permitido por el sub\u00e1rbol permitido pero tambi\u00e9n excluido por el sub\u00e1rbol excluido, se aceptar\u00eda. Corregido en las versiones 3.5.0 y 2.19.5."
}
],
"id": "CVE-2024-39312",
"lastModified": "2025-04-11T14:09:48.327",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-07-08T17:15:11.547",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/randombit/botan/security/advisories/GHSA-jp24-56jm-gg86"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/randombit/botan/security/advisories/GHSA-jp24-56jm-gg86"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 8.0 | |
| fedoraproject | fedora | 24 | |
| botan_project | botan | 1.10.12 | |
| botan_project | botan | 1.11.0 | |
| botan_project | botan | 1.11.1 | |
| botan_project | botan | 1.11.2 | |
| botan_project | botan | 1.11.3 | |
| botan_project | botan | 1.11.4 | |
| botan_project | botan | 1.11.5 | |
| botan_project | botan | 1.11.6 | |
| botan_project | botan | 1.11.7 | |
| botan_project | botan | 1.11.8 | |
| botan_project | botan | 1.11.9 | |
| botan_project | botan | 1.11.10 | |
| botan_project | botan | 1.11.11 | |
| botan_project | botan | 1.11.12 | |
| botan_project | botan | 1.11.13 | |
| botan_project | botan | 1.11.14 | |
| botan_project | botan | 1.11.15 | |
| botan_project | botan | 1.11.16 | |
| botan_project | botan | 1.11.17 | |
| botan_project | botan | 1.11.18 | |
| botan_project | botan | 1.11.19 | |
| botan_project | botan | 1.11.20 | |
| botan_project | botan | 1.11.21 | |
| botan_project | botan | 1.11.22 | |
| botan_project | botan | 1.11.23 | |
| botan_project | botan | 1.11.24 | |
| botan_project | botan | 1.11.25 | |
| botan_project | botan | 1.11.26 | |
| botan_project | botan | 1.11.27 | |
| botan_project | botan | 1.11.28 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*",
"matchCriteriaId": "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C350F9C0-4D81-4824-A932-36419DA6C813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C098FACD-8EDB-4A97-BA9F-39472F400F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1B306E-BCD0-4839-9D20-921BA5BEB1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C30E1A6A-5944-4D82-8EFB-67639E9BE246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "92649934-B0EB-4D27-AA54-760E7832E70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F80D802-D5AD-4A41-B5A3-23B7AE923053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F809C01-0A6E-4EDD-B9C1-6B1B41368B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8582CD-E9CE-4A56-83D2-33CFBC4BBE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46EAF817-CCF2-40C3-A556-BA17895165DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "92649146-62FC-4984-A726-18C9468240F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B4928BBB-AD18-4EA5-98E4-9CB3CC75376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "229A6D01-3882-4F3F-92F5-517F79644480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B0699917-881B-4BA3-9D88-0ED47954DEA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCDCE72-44D7-442C-AF2A-EDC9E39126D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D55DBFAF-48C1-412C-B56D-EBD7EC82588A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBAC97E-B04F-48EA-87C8-62FD14B0E759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.15:*:*:*:*:*:*:*",
"matchCriteriaId": "4A00B6F0-7DCC-46D4-818A-F17BFAF18E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.16:*:*:*:*:*:*:*",
"matchCriteriaId": "61529353-E862-44AD-84EC-778B65C88112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.17:*:*:*:*:*:*:*",
"matchCriteriaId": "B683D891-9A15-40F5-82B0-5B16359330F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EE4374-31D9-4E68-A700-AFF590F37283",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.19:*:*:*:*:*:*:*",
"matchCriteriaId": "7F536ECD-C3D9-4997-A936-7E415A670E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.20:*:*:*:*:*:*:*",
"matchCriteriaId": "CF026C4E-FEAE-47A1-A3CA-330DBE6250ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.21:*:*:*:*:*:*:*",
"matchCriteriaId": "BA36F817-A50B-40E6-811B-B331BA2229A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "80F7E018-B544-4A7F-ABE1-737988AE0382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7CD5BD-2938-4C79-95A7-96AC1BB037A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.24:*:*:*:*:*:*:*",
"matchCriteriaId": "49D16EDE-885C-450F-85AD-3F49ABA6C340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.25:*:*:*:*:*:*:*",
"matchCriteriaId": "436B72BE-9E39-46F0-869A-C18B74EB1217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E4107FF3-20B0-4D9D-9555-2022E48D91A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.27:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D0DB79-ABE4-49A7-A194-E1B6007B2719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.28:*:*:*:*:*:*:*",
"matchCriteriaId": "7DB4D3A5-4493-4E53-A52D-77D60099DAF9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack."
},
{
"lang": "es",
"value": "Botan en versiones anteriores a 1.10.13 y 1.11.x en versiones anteriores a 1.11.29 no utiliza un algoritmo de tiempo constante para realizar un inverso modular en la firma k nonce, lo que podr\u00eda permitir a atacantes remotos obtener claves secretas ECDSA a trav\u00e9s de un ataque de sincronizaci\u00f3n de canal lateral."
}
],
"id": "CVE-2016-2849",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T14:59:10.713",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=botan-devel\u0026m=146185420505943\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201701-23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=botan-devel\u0026m=146185420505943\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-23"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in the P-521 reduction function in Botan 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (memory overwrite and crash) or execute arbitrary code via unspecified vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://botan.randombit.net/security.html | Vendor Advisory | |
| cve@mitre.org | http://marc.info/?l=botan-devel&m=145435148602911&w=2 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://botan.randombit.net/security.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=botan-devel&m=145435148602911&w=2 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | 1.11.0 | |
| botan_project | botan | 1.11.1 | |
| botan_project | botan | 1.11.2 | |
| botan_project | botan | 1.11.3 | |
| botan_project | botan | 1.11.4 | |
| botan_project | botan | 1.11.5 | |
| botan_project | botan | 1.11.6 | |
| botan_project | botan | 1.11.7 | |
| botan_project | botan | 1.11.8 | |
| botan_project | botan | 1.11.9 | |
| botan_project | botan | 1.11.10 | |
| botan_project | botan | 1.11.11 | |
| botan_project | botan | 1.11.12 | |
| botan_project | botan | 1.11.13 | |
| botan_project | botan | 1.11.14 | |
| botan_project | botan | 1.11.15 | |
| botan_project | botan | 1.11.16 | |
| botan_project | botan | 1.11.17 | |
| botan_project | botan | 1.11.18 | |
| botan_project | botan | 1.11.19 | |
| botan_project | botan | 1.11.20 | |
| botan_project | botan | 1.11.21 | |
| botan_project | botan | 1.11.22 | |
| botan_project | botan | 1.11.23 | |
| botan_project | botan | 1.11.24 | |
| botan_project | botan | 1.11.25 | |
| botan_project | botan | 1.11.26 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C098FACD-8EDB-4A97-BA9F-39472F400F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1B306E-BCD0-4839-9D20-921BA5BEB1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C30E1A6A-5944-4D82-8EFB-67639E9BE246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "92649934-B0EB-4D27-AA54-760E7832E70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F80D802-D5AD-4A41-B5A3-23B7AE923053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F809C01-0A6E-4EDD-B9C1-6B1B41368B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8582CD-E9CE-4A56-83D2-33CFBC4BBE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46EAF817-CCF2-40C3-A556-BA17895165DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "92649146-62FC-4984-A726-18C9468240F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B4928BBB-AD18-4EA5-98E4-9CB3CC75376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "229A6D01-3882-4F3F-92F5-517F79644480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B0699917-881B-4BA3-9D88-0ED47954DEA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCDCE72-44D7-442C-AF2A-EDC9E39126D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D55DBFAF-48C1-412C-B56D-EBD7EC82588A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBAC97E-B04F-48EA-87C8-62FD14B0E759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.15:*:*:*:*:*:*:*",
"matchCriteriaId": "4A00B6F0-7DCC-46D4-818A-F17BFAF18E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.16:*:*:*:*:*:*:*",
"matchCriteriaId": "61529353-E862-44AD-84EC-778B65C88112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.17:*:*:*:*:*:*:*",
"matchCriteriaId": "B683D891-9A15-40F5-82B0-5B16359330F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EE4374-31D9-4E68-A700-AFF590F37283",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.19:*:*:*:*:*:*:*",
"matchCriteriaId": "7F536ECD-C3D9-4997-A936-7E415A670E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.20:*:*:*:*:*:*:*",
"matchCriteriaId": "CF026C4E-FEAE-47A1-A3CA-330DBE6250ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.21:*:*:*:*:*:*:*",
"matchCriteriaId": "BA36F817-A50B-40E6-811B-B331BA2229A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "80F7E018-B544-4A7F-ABE1-737988AE0382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7CD5BD-2938-4C79-95A7-96AC1BB037A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.24:*:*:*:*:*:*:*",
"matchCriteriaId": "49D16EDE-885C-450F-85AD-3F49ABA6C340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.25:*:*:*:*:*:*:*",
"matchCriteriaId": "436B72BE-9E39-46F0-869A-C18B74EB1217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E4107FF3-20B0-4D9D-9555-2022E48D91A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the P-521 reduction function in Botan 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (memory overwrite and crash) or execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en memoria din\u00e1mica en la funci\u00f3n de reducci\u00f3n P-521 en Botan 1.11.x en versiones anteriores a 1.11.27 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (sobrescribir memoria y ca\u00edda) o ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-2196",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T14:59:09.760",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145435148602911\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145435148602911\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-15 02:29
Modified
2024-11-21 03:45
Severity ?
Summary
Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ec_group/ec_group.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://botan.randombit.net/security.html | Third Party Advisory | |
| cve@mitre.org | https://github.com/randombit/botan/commit/48fc8df51d99f9d8ba251219367b3d629cc848e3 | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://botan.randombit.net/security.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/randombit/botan/commit/48fc8df51d99f9d8ba251219367b3d629cc848e3 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/ | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "416ED13A-040B-4ED0-ACAD-9EC53C2EBE6C",
"versionEndIncluding": "2.7.0",
"versionStartIncluding": "2.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ec_group/ec_group.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host."
},
{
"lang": "es",
"value": "Botan versi\u00f3n 2.5.0 hasta 2.6.0 anterior a 2.7.0, permite un ataque de canal lateral de memoria cach\u00e9 en firmas ECDSA, tambi\u00e9n se conoce como Problema del Retorno de N\u00famero Oculto o ROHNP, relacionado con los archivos dsa/dsa.cpp, ec_group/ec_group.cpp, y ecdsa/ecdsa.cpp. Para descubrir una clave ECDSA, el atacante requiere acceso a la m\u00e1quina local o a una m\u00e1quina virtual diferente en el mismo host f\u00edsico."
}
],
"id": "CVE-2018-12435",
"lastModified": "2024-11-21T03:45:12.927",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.4,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-15T02:29:00.377",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://botan.randombit.net/security.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/randombit/botan/commit/48fc8df51d99f9d8ba251219367b3d629cc848e3"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://botan.randombit.net/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/randombit/botan/commit/48fc8df51d99f9d8ba251219367b3d629cc848e3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | 1.10.0 | |
| botan_project | botan | 1.10.1 | |
| botan_project | botan | 1.10.2 | |
| botan_project | botan | 1.10.3 | |
| botan_project | botan | 1.10.4 | |
| botan_project | botan | 1.10.5 | |
| botan_project | botan | 1.10.6 | |
| botan_project | botan | 1.10.7 | |
| botan_project | botan | 1.10.8 | |
| botan_project | botan | 1.10.9 | |
| botan_project | botan | 1.11.0 | |
| botan_project | botan | 1.11.1 | |
| botan_project | botan | 1.11.2 | |
| botan_project | botan | 1.11.3 | |
| botan_project | botan | 1.11.4 | |
| botan_project | botan | 1.11.5 | |
| botan_project | botan | 1.11.6 | |
| botan_project | botan | 1.11.7 | |
| botan_project | botan | 1.11.8 | |
| botan_project | botan | 1.11.9 | |
| botan_project | botan | 1.11.10 | |
| botan_project | botan | 1.11.11 | |
| botan_project | botan | 1.11.12 | |
| botan_project | botan | 1.11.13 | |
| botan_project | botan | 1.11.14 | |
| botan_project | botan | 1.11.15 | |
| botan_project | botan | 1.11.16 | |
| botan_project | botan | 1.11.17 | |
| botan_project | botan | 1.11.18 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BF9AE6F-F5F5-407E-B9F9-6805007FF0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4208C6E7-E8F8-4BBF-82E5-667A836874FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "12524EA6-8829-4EA2-9FD0-BB5689B96CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "28BAD0B6-C730-4E0A-AB96-D2135EB8EF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC905D6-E6B5-41AA-83DA-F8A181ADB32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "99607C87-A1B9-4F3E-9CA7-6E36BF489CB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9C2C1C03-18DF-48CD-A170-37FAD0AC2CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EB87A46C-27E5-4529-95A8-39A390638F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B55AB6-85CF-4000-A8BC-76E489371FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.9:*:*:*:*:*:*:*",
"matchCriteriaId": "49D189C3-3162-483C-BB86-614D7078B761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C098FACD-8EDB-4A97-BA9F-39472F400F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1B306E-BCD0-4839-9D20-921BA5BEB1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C30E1A6A-5944-4D82-8EFB-67639E9BE246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "92649934-B0EB-4D27-AA54-760E7832E70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F80D802-D5AD-4A41-B5A3-23B7AE923053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F809C01-0A6E-4EDD-B9C1-6B1B41368B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8582CD-E9CE-4A56-83D2-33CFBC4BBE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46EAF817-CCF2-40C3-A556-BA17895165DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "92649146-62FC-4984-A726-18C9468240F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B4928BBB-AD18-4EA5-98E4-9CB3CC75376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "229A6D01-3882-4F3F-92F5-517F79644480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B0699917-881B-4BA3-9D88-0ED47954DEA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCDCE72-44D7-442C-AF2A-EDC9E39126D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D55DBFAF-48C1-412C-B56D-EBD7EC82588A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBAC97E-B04F-48EA-87C8-62FD14B0E759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.15:*:*:*:*:*:*:*",
"matchCriteriaId": "4A00B6F0-7DCC-46D4-818A-F17BFAF18E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.16:*:*:*:*:*:*:*",
"matchCriteriaId": "61529353-E862-44AD-84EC-778B65C88112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.17:*:*:*:*:*:*:*",
"matchCriteriaId": "B683D891-9A15-40F5-82B0-5B16359330F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EE4374-31D9-4E68-A700-AFF590F37283",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data."
},
{
"lang": "es",
"value": "El decodificador BER en Botan 0.10.x en versiones anteriores a 1.10.10 y 1.11.x en versiones anteriores a 1.11.19 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un dato vac\u00edo BIT STRING en ASN.1."
}
],
"id": "CVE-2015-5726",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T14:59:01.070",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3565"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-10-23 17:15
Modified
2025-07-10 19:23
Severity ?
Summary
Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM. There is a branch instead of an XOR with carry. This was observed for Clang in LLVM 15 on RISC-V.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://arxiv.org/pdf/2410.13489 | Exploit, Third Party Advisory, Technical Description | |
| cve@mitre.org | https://github.com/randombit/botan/commit/53b0cfde580e86b03d0d27a488b6c134f662e957 | Patch | |
| cve@mitre.org | https://github.com/randombit/botan/compare/3.5.0...3.6.0 | Product | |
| cve@mitre.org | https://news.ycombinator.com/item?id=41887153 | Issue Tracking |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EDC7164-07F9-48D0-B2DA-F7427019B077",
"versionEndExcluding": "3.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM. There is a branch instead of an XOR with carry. This was observed for Clang in LLVM 15 on RISC-V."
},
{
"lang": "es",
"value": "En las versiones anteriores a la 3.6.0 de Botan, cuando se utilizan ciertas versiones de LLVM, el compilador genera un flujo de control dependiente del secreto en lib/utils/ghash/ghash.cpp en GHASH en AES-GCM. Hay una rama en lugar de un XOR con acarreo. Esto se observ\u00f3 para Clang en LLVM 15 en RISC-V."
}
],
"id": "CVE-2024-50382",
"lastModified": "2025-07-10T19:23:04.807",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-10-23T17:15:19.453",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"Technical Description"
],
"url": "https://arxiv.org/pdf/2410.13489"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/randombit/botan/commit/53b0cfde580e86b03d0d27a488b6c134f662e957"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://github.com/randombit/botan/compare/3.5.0...3.6.0"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://news.ycombinator.com/item?id=41887153"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-10 15:59
Modified
2025-04-20 01:37
Severity ?
Summary
The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://botan.randombit.net/security.html#id2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://botan.randombit.net/security.html#id2 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9CFEE-F293-4CD3-BEFB-AC4BBE02BB0D",
"versionEndIncluding": "1.11.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang."
},
{
"lang": "es",
"value": "El c\u00f3digo Curve25519 en botan en versiones anteriores a 1.11.31, en sistemas sin un tipo entero nativo de 128 bits, podr\u00eda permitir a los atacantes tener un impacto no especificado a trav\u00e9s de vectores relacionados con un comportamiento indefinido, como se demuestra en los sistemas ARM de 32 bits compilados por Clang."
}
],
"id": "CVE-2016-6878",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-10T15:59:00.330",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://botan.randombit.net/security.html#id2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://botan.randombit.net/security.html#id2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-10 15:59
Modified
2025-04-20 01:37
Severity ?
Summary
botan 1.11.x before 1.11.22 makes it easier for remote attackers to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://botan.randombit.net/security.html#id3 | Vendor Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1311613 | Issue Tracking, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://botan.randombit.net/security.html#id3 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1311613 | Issue Tracking, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47FE3AFA-84AB-4C6C-8CA4-1EB0EB4D6112",
"versionEndIncluding": "1.11.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "botan 1.11.x before 1.11.22 makes it easier for remote attackers to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites."
},
{
"lang": "es",
"value": "botan 1.11.x en versiones anteriores a 1.11.22 hace que sea m\u00e1s f\u00e1cil para los atacantes remotos descifrar los datos de texto cifrado TLS a trav\u00e9s de un ataque padding-oracle contra TLS CBC ciphersuites."
}
],
"id": "CVE-2015-7824",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-10T15:59:00.157",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://botan.randombit.net/security.html#id3"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311613"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://botan.randombit.net/security.html#id3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311613"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-10 15:59
Modified
2025-04-20 01:37
Severity ?
Summary
botan before 1.11.22 improperly validates certificate paths, which allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://botan.randombit.net/security.html#id3 | Vendor Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1311618 | Issue Tracking, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://botan.randombit.net/security.html#id3 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1311618 | Issue Tracking, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47FE3AFA-84AB-4C6C-8CA4-1EB0EB4D6112",
"versionEndIncluding": "1.11.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "botan before 1.11.22 improperly validates certificate paths, which allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain."
},
{
"lang": "es",
"value": "botan en versiones anteriores a 1.11.22 valida incorrectamente las rutas de certificados, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (bucle infinito y consumo de memoria) a trav\u00e9s de un certificado con un bucle en la cadena de certificados."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/835.html\"\u003eCWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)\u003c/a\u003e",
"id": "CVE-2015-7825",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-10T15:59:00.207",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://botan.randombit.net/security.html#id3"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://botan.randombit.net/security.html#id3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311618"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-02 17:29
Modified
2024-11-21 04:15
Severity ?
Summary
Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must already have a wildcard certificate matching other hosts in the same domain. For example, b*.example.com would match some hostnames that do not begin with a 'b' character.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://botan.randombit.net/security.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://botan.randombit.net/security.html | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D13A6534-1A38-43DF-BB5E-76F5BC5CE87B",
"versionEndIncluding": "2.4.0",
"versionStartIncluding": "2.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must already have a wildcard certificate matching other hosts in the same domain. For example, b*.example.com would match some hostnames that do not begin with a \u0027b\u0027 character."
},
{
"lang": "es",
"value": "Botan 2.2.0 - 2.4.0 (solucionado en 2.5.0) gestionaba de manera incorrecta certificados wildcard y podr\u00eda aceptar determinados certificados como v\u00e1lidos para nombres de hosts cuando, bajo las reglas RFC 6125, no deber\u00edan coincidir. Esto solo afecta a certificados emitidos al mismo dominio que el host, por lo que para suplantar un host el certificado wildcard tiene que coincidir con otros hosts en el mismo dominio. Por ejemplo, b*.ejemplo.com coincidir\u00eda con algunos nombres de host que no empiezan por \"b\"."
}
],
"id": "CVE-2018-9127",
"lastModified": "2024-11-21T04:15:01.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-02T17:29:00.387",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://botan.randombit.net/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://botan.randombit.net/security.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-28 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
In Botan 1.11.29 through 1.11.32, RSA decryption with certain padding options had a detectable timing channel which could given sufficient queries be used to recover plaintext, aka an "OAEP side channel" attack.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/94225 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://botan.randombit.net/security.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94225 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://botan.randombit.net/security.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | 1.11.29 | |
| botan_project | botan | 1.11.30 | |
| botan_project | botan | 1.11.31 | |
| botan_project | botan | 1.11.32 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.29:*:*:*:*:*:*:*",
"matchCriteriaId": "B31BCFA3-67C3-4AAF-A558-902FAFEC3C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.30:*:*:*:*:*:*:*",
"matchCriteriaId": "434C1EF2-D18A-4459-AF5B-57858A2C1DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.31:*:*:*:*:*:*:*",
"matchCriteriaId": "292DE6D3-FFCF-4BFC-AC2F-F030B291CFF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.32:*:*:*:*:*:*:*",
"matchCriteriaId": "AA217C5B-E6AF-43F0-84A1-778B0FE3351F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Botan 1.11.29 through 1.11.32, RSA decryption with certain padding options had a detectable timing channel which could given sufficient queries be used to recover plaintext, aka an \"OAEP side channel\" attack."
},
{
"lang": "es",
"value": "En Botan 1.11.29 hasta la versi\u00f3n 1.11.32, descifrado RSA con ciertas opciones de relleno ten\u00eda un canal de sincronizaci\u00f3n detectable lo que podr\u00eda dadas las suficientes consultas, se utilizado para recuperar texto plano, vulnerabilidad tambi\u00e9n conocida como un ataque \"OAEP side channel\"."
}
],
"id": "CVE-2016-8871",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-28T15:59:15.470",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94225"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://botan.randombit.net/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://botan.randombit.net/security.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-27 04:15
Modified
2025-04-25 20:15
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1.11.34 (November 2016).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/randombit/botan/releases/tag/2.19.3 | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://github.com/randombit/botan/security/advisories/GHSA-4v9w-qvcq-6q7w | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/randombit/botan/releases/tag/2.19.3 | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/randombit/botan/security/advisories/GHSA-4v9w-qvcq-6q7w | Mitigation, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB437A00-DD28-4EF5-91C9-C9BF2B50EA3B",
"versionEndExcluding": "2.19.3",
"versionStartIncluding": "1.11.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1.11.34 (November 2016)."
},
{
"lang": "es",
"value": "En Botan anterior a 2.19.3, es posible falsificar respuestas OCSP debido a un error de verificaci\u00f3n de certificado. Este problema se introdujo en Botan 1.11.34 (noviembre de 2016)."
}
],
"id": "CVE-2022-43705",
"lastModified": "2025-04-25T20:15:32.597",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-11-27T04:15:10.237",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/randombit/botan/releases/tag/2.19.3"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/randombit/botan/security/advisories/GHSA-4v9w-qvcq-6q7w"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/randombit/botan/releases/tag/2.19.3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/randombit/botan/security/advisories/GHSA-4v9w-qvcq-6q7w"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signature algorithms and (2) ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 24 | |
| botan_project | botan | 1.11.0 | |
| botan_project | botan | 1.11.1 | |
| botan_project | botan | 1.11.2 | |
| botan_project | botan | 1.11.3 | |
| botan_project | botan | 1.11.4 | |
| botan_project | botan | 1.11.5 | |
| botan_project | botan | 1.11.6 | |
| botan_project | botan | 1.11.7 | |
| botan_project | botan | 1.11.8 | |
| botan_project | botan | 1.11.9 | |
| botan_project | botan | 1.11.10 | |
| botan_project | botan | 1.11.11 | |
| botan_project | botan | 1.11.12 | |
| botan_project | botan | 1.11.13 | |
| botan_project | botan | 1.11.14 | |
| botan_project | botan | 1.11.15 | |
| botan_project | botan | 1.11.16 | |
| botan_project | botan | 1.11.17 | |
| botan_project | botan | 1.11.18 | |
| botan_project | botan | 1.11.19 | |
| botan_project | botan | 1.11.20 | |
| botan_project | botan | 1.11.21 | |
| botan_project | botan | 1.11.22 | |
| botan_project | botan | 1.11.23 | |
| botan_project | botan | 1.11.24 | |
| botan_project | botan | 1.11.25 | |
| botan_project | botan | 1.11.26 | |
| botan_project | botan | 1.11.27 | |
| botan_project | botan | 1.11.28 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*",
"matchCriteriaId": "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C098FACD-8EDB-4A97-BA9F-39472F400F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1B306E-BCD0-4839-9D20-921BA5BEB1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C30E1A6A-5944-4D82-8EFB-67639E9BE246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "92649934-B0EB-4D27-AA54-760E7832E70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F80D802-D5AD-4A41-B5A3-23B7AE923053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F809C01-0A6E-4EDD-B9C1-6B1B41368B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8582CD-E9CE-4A56-83D2-33CFBC4BBE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46EAF817-CCF2-40C3-A556-BA17895165DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "92649146-62FC-4984-A726-18C9468240F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B4928BBB-AD18-4EA5-98E4-9CB3CC75376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "229A6D01-3882-4F3F-92F5-517F79644480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B0699917-881B-4BA3-9D88-0ED47954DEA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCDCE72-44D7-442C-AF2A-EDC9E39126D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D55DBFAF-48C1-412C-B56D-EBD7EC82588A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBAC97E-B04F-48EA-87C8-62FD14B0E759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.15:*:*:*:*:*:*:*",
"matchCriteriaId": "4A00B6F0-7DCC-46D4-818A-F17BFAF18E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.16:*:*:*:*:*:*:*",
"matchCriteriaId": "61529353-E862-44AD-84EC-778B65C88112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.17:*:*:*:*:*:*:*",
"matchCriteriaId": "B683D891-9A15-40F5-82B0-5B16359330F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EE4374-31D9-4E68-A700-AFF590F37283",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.19:*:*:*:*:*:*:*",
"matchCriteriaId": "7F536ECD-C3D9-4997-A936-7E415A670E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.20:*:*:*:*:*:*:*",
"matchCriteriaId": "CF026C4E-FEAE-47A1-A3CA-330DBE6250ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.21:*:*:*:*:*:*:*",
"matchCriteriaId": "BA36F817-A50B-40E6-811B-B331BA2229A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "80F7E018-B544-4A7F-ABE1-737988AE0382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7CD5BD-2938-4C79-95A7-96AC1BB037A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.24:*:*:*:*:*:*:*",
"matchCriteriaId": "49D16EDE-885C-450F-85AD-3F49ABA6C340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.25:*:*:*:*:*:*:*",
"matchCriteriaId": "436B72BE-9E39-46F0-869A-C18B74EB1217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E4107FF3-20B0-4D9D-9555-2022E48D91A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.27:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D0DB79-ABE4-49A7-A194-E1B6007B2719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.28:*:*:*:*:*:*:*",
"matchCriteriaId": "7DB4D3A5-4493-4E53-A52D-77D60099DAF9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signature algorithms and (2) ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors."
},
{
"lang": "es",
"value": "Botan 1.11.x en versiones anteriores a 1.11.29 no hace cumplir la pol\u00edtica TLS para (1) algoritmos de firma y (2) curvas ECC, lo que permite a atacantes remotos llevar a cabo ataques de degradaci\u00f3n a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-2850",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T14:59:11.743",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145852488622892\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201701-23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145852488622892\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-23"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | 1.10.0 | |
| botan_project | botan | 1.10.1 | |
| botan_project | botan | 1.10.2 | |
| botan_project | botan | 1.10.3 | |
| botan_project | botan | 1.10.4 | |
| botan_project | botan | 1.10.5 | |
| botan_project | botan | 1.10.6 | |
| botan_project | botan | 1.10.7 | |
| botan_project | botan | 1.10.8 | |
| botan_project | botan | 1.10.9 | |
| botan_project | botan | 1.11.0 | |
| botan_project | botan | 1.11.1 | |
| botan_project | botan | 1.11.2 | |
| botan_project | botan | 1.11.3 | |
| botan_project | botan | 1.11.4 | |
| botan_project | botan | 1.11.5 | |
| botan_project | botan | 1.11.6 | |
| botan_project | botan | 1.11.7 | |
| botan_project | botan | 1.11.8 | |
| botan_project | botan | 1.11.9 | |
| botan_project | botan | 1.11.10 | |
| botan_project | botan | 1.11.11 | |
| botan_project | botan | 1.11.12 | |
| botan_project | botan | 1.11.13 | |
| botan_project | botan | 1.11.14 | |
| botan_project | botan | 1.11.15 | |
| botan_project | botan | 1.11.16 | |
| botan_project | botan | 1.11.17 | |
| botan_project | botan | 1.11.18 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BF9AE6F-F5F5-407E-B9F9-6805007FF0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4208C6E7-E8F8-4BBF-82E5-667A836874FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "12524EA6-8829-4EA2-9FD0-BB5689B96CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "28BAD0B6-C730-4E0A-AB96-D2135EB8EF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC905D6-E6B5-41AA-83DA-F8A181ADB32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "99607C87-A1B9-4F3E-9CA7-6E36BF489CB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9C2C1C03-18DF-48CD-A170-37FAD0AC2CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EB87A46C-27E5-4529-95A8-39A390638F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B55AB6-85CF-4000-A8BC-76E489371FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.10.9:*:*:*:*:*:*:*",
"matchCriteriaId": "49D189C3-3162-483C-BB86-614D7078B761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C098FACD-8EDB-4A97-BA9F-39472F400F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1B306E-BCD0-4839-9D20-921BA5BEB1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C30E1A6A-5944-4D82-8EFB-67639E9BE246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "92649934-B0EB-4D27-AA54-760E7832E70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F80D802-D5AD-4A41-B5A3-23B7AE923053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F809C01-0A6E-4EDD-B9C1-6B1B41368B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8582CD-E9CE-4A56-83D2-33CFBC4BBE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46EAF817-CCF2-40C3-A556-BA17895165DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "92649146-62FC-4984-A726-18C9468240F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B4928BBB-AD18-4EA5-98E4-9CB3CC75376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "229A6D01-3882-4F3F-92F5-517F79644480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B0699917-881B-4BA3-9D88-0ED47954DEA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCDCE72-44D7-442C-AF2A-EDC9E39126D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D55DBFAF-48C1-412C-B56D-EBD7EC82588A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBAC97E-B04F-48EA-87C8-62FD14B0E759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.15:*:*:*:*:*:*:*",
"matchCriteriaId": "4A00B6F0-7DCC-46D4-818A-F17BFAF18E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.16:*:*:*:*:*:*:*",
"matchCriteriaId": "61529353-E862-44AD-84EC-778B65C88112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.17:*:*:*:*:*:*:*",
"matchCriteriaId": "B683D891-9A15-40F5-82B0-5B16359330F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EE4374-31D9-4E68-A700-AFF590F37283",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field."
},
{
"lang": "es",
"value": "El decodificador BER en Botan 1.10.x en versiones anteriores a 1.10.10 y 1.11.x en versiones anteriores a 1.11.19 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de vectores no especificados, relacionado con un campo length."
}
],
"id": "CVE-2015-5727",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T14:59:02.100",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3565"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-10 15:59
Modified
2025-04-20 01:37
Severity ?
Summary
The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://botan.randombit.net/security.html#id2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://botan.randombit.net/security.html#id2 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | 1.11.0 | |
| botan_project | botan | 1.11.1 | |
| botan_project | botan | 1.11.2 | |
| botan_project | botan | 1.11.3 | |
| botan_project | botan | 1.11.4 | |
| botan_project | botan | 1.11.5 | |
| botan_project | botan | 1.11.6 | |
| botan_project | botan | 1.11.7 | |
| botan_project | botan | 1.11.8 | |
| botan_project | botan | 1.11.9 | |
| botan_project | botan | 1.11.10 | |
| botan_project | botan | 1.11.11 | |
| botan_project | botan | 1.11.12 | |
| botan_project | botan | 1.11.13 | |
| botan_project | botan | 1.11.14 | |
| botan_project | botan | 1.11.15 | |
| botan_project | botan | 1.11.16 | |
| botan_project | botan | 1.11.17 | |
| botan_project | botan | 1.11.18 | |
| botan_project | botan | 1.11.19 | |
| botan_project | botan | 1.11.20 | |
| botan_project | botan | 1.11.21 | |
| botan_project | botan | 1.11.22 | |
| botan_project | botan | 1.11.23 | |
| botan_project | botan | 1.11.24 | |
| botan_project | botan | 1.11.25 | |
| botan_project | botan | 1.11.26 | |
| botan_project | botan | 1.11.27 | |
| botan_project | botan | 1.11.28 | |
| botan_project | botan | 1.11.29 | |
| botan_project | botan | 1.11.30 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C098FACD-8EDB-4A97-BA9F-39472F400F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1B306E-BCD0-4839-9D20-921BA5BEB1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C30E1A6A-5944-4D82-8EFB-67639E9BE246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "92649934-B0EB-4D27-AA54-760E7832E70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F80D802-D5AD-4A41-B5A3-23B7AE923053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F809C01-0A6E-4EDD-B9C1-6B1B41368B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8582CD-E9CE-4A56-83D2-33CFBC4BBE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46EAF817-CCF2-40C3-A556-BA17895165DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "92649146-62FC-4984-A726-18C9468240F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B4928BBB-AD18-4EA5-98E4-9CB3CC75376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "229A6D01-3882-4F3F-92F5-517F79644480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B0699917-881B-4BA3-9D88-0ED47954DEA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCDCE72-44D7-442C-AF2A-EDC9E39126D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D55DBFAF-48C1-412C-B56D-EBD7EC82588A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBAC97E-B04F-48EA-87C8-62FD14B0E759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.15:*:*:*:*:*:*:*",
"matchCriteriaId": "4A00B6F0-7DCC-46D4-818A-F17BFAF18E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.16:*:*:*:*:*:*:*",
"matchCriteriaId": "61529353-E862-44AD-84EC-778B65C88112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.17:*:*:*:*:*:*:*",
"matchCriteriaId": "B683D891-9A15-40F5-82B0-5B16359330F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EE4374-31D9-4E68-A700-AFF590F37283",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.19:*:*:*:*:*:*:*",
"matchCriteriaId": "7F536ECD-C3D9-4997-A936-7E415A670E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.20:*:*:*:*:*:*:*",
"matchCriteriaId": "CF026C4E-FEAE-47A1-A3CA-330DBE6250ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.21:*:*:*:*:*:*:*",
"matchCriteriaId": "BA36F817-A50B-40E6-811B-B331BA2229A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "80F7E018-B544-4A7F-ABE1-737988AE0382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7CD5BD-2938-4C79-95A7-96AC1BB037A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.24:*:*:*:*:*:*:*",
"matchCriteriaId": "49D16EDE-885C-450F-85AD-3F49ABA6C340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.25:*:*:*:*:*:*:*",
"matchCriteriaId": "436B72BE-9E39-46F0-869A-C18B74EB1217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E4107FF3-20B0-4D9D-9555-2022E48D91A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.27:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D0DB79-ABE4-49A7-A194-E1B6007B2719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.28:*:*:*:*:*:*:*",
"matchCriteriaId": "7DB4D3A5-4493-4E53-A52D-77D60099DAF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.29:*:*:*:*:*:*:*",
"matchCriteriaId": "B31BCFA3-67C3-4AAF-A558-902FAFEC3C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.30:*:*:*:*:*:*:*",
"matchCriteriaId": "434C1EF2-D18A-4459-AF5B-57858A2C1DA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value."
},
{
"lang": "es",
"value": "La funci\u00f3n X509_Certificate::allowed_usage en botan 1.11.x en versiones anteriores a 1.11.31 podr\u00eda permitir a los atacantes tener un impacto no especificado aprovechando una llamada con m\u00e1s de un Key_Usage establecido en el valor enum."
}
],
"id": "CVE-2016-6879",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-10T15:59:00.360",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://botan.randombit.net/security.html#id2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://botan.randombit.net/security.html#id2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-320"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-10-23 17:15
Modified
2025-07-10 19:26
Severity ?
Summary
Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 (used in Chacha-Poly1305 and x25519). An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i386. (Only 32-bit processors can be affected.)
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://arxiv.org/pdf/2410.13489 | Exploit, Third Party Advisory, Technical Description | |
| cve@mitre.org | https://github.com/randombit/botan/commit/53b0cfde580e86b03d0d27a488b6c134f662e957 | Patch | |
| cve@mitre.org | https://github.com/randombit/botan/compare/3.5.0...3.6.0 | Product | |
| cve@mitre.org | https://news.ycombinator.com/item?id=41887153 | Issue Tracking |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EDC7164-07F9-48D0-B2DA-F7427019B077",
"versionEndExcluding": "3.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 (used in Chacha-Poly1305 and x25519). An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i386. (Only 32-bit processors can be affected.)"
},
{
"lang": "es",
"value": "En las versiones anteriores a la 3.6.0 de Botan, cuando se utilizan ciertas versiones de GCC, se produce una operaci\u00f3n dependiente del secreto inducida por el compilador en lib/utils/donna128.h en donna128 (usada en Chacha-Poly1305 y x25519). Se puede omitir una adici\u00f3n si no se configura un acarreo. Esto se observ\u00f3 para GCC 11.3.0 con -O2 en MIPS y GCC en x86-i386. (Solo se pueden ver afectados los procesadores de 32 bits)."
}
],
"id": "CVE-2024-50383",
"lastModified": "2025-07-10T19:26:45.083",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-10-23T17:15:19.540",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"Technical Description"
],
"url": "https://arxiv.org/pdf/2410.13489"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/randombit/botan/commit/53b0cfde580e86b03d0d27a488b6c134f662e957"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://github.com/randombit/botan/compare/3.5.0...3.6.0"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://news.ycombinator.com/item?id=41887153"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://botan.randombit.net/security.html | Vendor Advisory | |
| cve@mitre.org | http://marc.info/?l=botan-devel&m=139717503205066&w=2 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://botan.randombit.net/security.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=botan-devel&m=139717503205066&w=2 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * | |
| botan_project | botan | 1.11.0 | |
| botan_project | botan | 1.11.1 | |
| botan_project | botan | 1.11.2 | |
| botan_project | botan | 1.11.3 | |
| botan_project | botan | 1.11.4 | |
| botan_project | botan | 1.11.5 | |
| botan_project | botan | 1.11.6 | |
| botan_project | botan | 1.11.7 | |
| botan_project | botan | 1.11.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30DC3809-986B-43D4-B25D-8198C99433F9",
"versionEndIncluding": "1.10.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C098FACD-8EDB-4A97-BA9F-39472F400F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1B306E-BCD0-4839-9D20-921BA5BEB1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C30E1A6A-5944-4D82-8EFB-67639E9BE246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "92649934-B0EB-4D27-AA54-760E7832E70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F80D802-D5AD-4A41-B5A3-23B7AE923053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F809C01-0A6E-4EDD-B9C1-6B1B41368B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8582CD-E9CE-4A56-83D2-33CFBC4BBE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46EAF817-CCF2-40C3-A556-BA17895165DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "92649146-62FC-4984-A726-18C9468240F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group."
},
{
"lang": "es",
"value": "El registro de entrada de primalidad Miller-Rabin en Botan en versiones anteriores a 1.10.8 y 1.11.x en versiones anteriores a 1.11.9 utiliza indebidamente una \u00fanica base aleatoria, lo que hace m\u00e1s f\u00e1cil para atacantes remotos vencer el mecanismo de protecci\u00f3n criptogr\u00e1fico a trav\u00e9s de un grupo DH."
}
],
"id": "CVE-2014-9742",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T14:59:00.147",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=botan-devel\u0026m=139717503205066\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=botan-devel\u0026m=139717503205066\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a composite modulus.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 8.0 | |
| botan_project | botan | * | |
| botan_project | botan | 1.11.0 | |
| botan_project | botan | 1.11.1 | |
| botan_project | botan | 1.11.2 | |
| botan_project | botan | 1.11.3 | |
| botan_project | botan | 1.11.4 | |
| botan_project | botan | 1.11.5 | |
| botan_project | botan | 1.11.6 | |
| botan_project | botan | 1.11.7 | |
| botan_project | botan | 1.11.8 | |
| botan_project | botan | 1.11.9 | |
| botan_project | botan | 1.11.10 | |
| botan_project | botan | 1.11.11 | |
| botan_project | botan | 1.11.12 | |
| botan_project | botan | 1.11.13 | |
| botan_project | botan | 1.11.14 | |
| botan_project | botan | 1.11.15 | |
| botan_project | botan | 1.11.16 | |
| botan_project | botan | 1.11.17 | |
| botan_project | botan | 1.11.18 | |
| botan_project | botan | 1.11.19 | |
| botan_project | botan | 1.11.20 | |
| botan_project | botan | 1.11.21 | |
| botan_project | botan | 1.11.22 | |
| botan_project | botan | 1.11.23 | |
| botan_project | botan | 1.11.24 | |
| botan_project | botan | 1.11.25 | |
| botan_project | botan | 1.11.26 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "251A4CDC-A1A6-460F-841A-D8C18DAC1C16",
"versionEndIncluding": "1.10.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C098FACD-8EDB-4A97-BA9F-39472F400F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1B306E-BCD0-4839-9D20-921BA5BEB1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C30E1A6A-5944-4D82-8EFB-67639E9BE246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "92649934-B0EB-4D27-AA54-760E7832E70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F80D802-D5AD-4A41-B5A3-23B7AE923053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F809C01-0A6E-4EDD-B9C1-6B1B41368B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8582CD-E9CE-4A56-83D2-33CFBC4BBE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46EAF817-CCF2-40C3-A556-BA17895165DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "92649146-62FC-4984-A726-18C9468240F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B4928BBB-AD18-4EA5-98E4-9CB3CC75376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "229A6D01-3882-4F3F-92F5-517F79644480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B0699917-881B-4BA3-9D88-0ED47954DEA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCDCE72-44D7-442C-AF2A-EDC9E39126D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D55DBFAF-48C1-412C-B56D-EBD7EC82588A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBAC97E-B04F-48EA-87C8-62FD14B0E759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.15:*:*:*:*:*:*:*",
"matchCriteriaId": "4A00B6F0-7DCC-46D4-818A-F17BFAF18E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.16:*:*:*:*:*:*:*",
"matchCriteriaId": "61529353-E862-44AD-84EC-778B65C88112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.17:*:*:*:*:*:*:*",
"matchCriteriaId": "B683D891-9A15-40F5-82B0-5B16359330F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EE4374-31D9-4E68-A700-AFF590F37283",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.19:*:*:*:*:*:*:*",
"matchCriteriaId": "7F536ECD-C3D9-4997-A936-7E415A670E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.20:*:*:*:*:*:*:*",
"matchCriteriaId": "CF026C4E-FEAE-47A1-A3CA-330DBE6250ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.21:*:*:*:*:*:*:*",
"matchCriteriaId": "BA36F817-A50B-40E6-811B-B331BA2229A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "80F7E018-B544-4A7F-ABE1-737988AE0382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7CD5BD-2938-4C79-95A7-96AC1BB037A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.24:*:*:*:*:*:*:*",
"matchCriteriaId": "49D16EDE-885C-450F-85AD-3F49ABA6C340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.25:*:*:*:*:*:*:*",
"matchCriteriaId": "436B72BE-9E39-46F0-869A-C18B74EB1217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:botan_project:botan:1.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E4107FF3-20B0-4D9D-9555-2022E48D91A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a composite modulus."
},
{
"lang": "es",
"value": "La funci\u00f3n ressol en Botan en versiones anteriores a 1.10.11 y 1.11.x versiones anteriores a 1.11.27 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (bucle infinito) a trav\u00e9s de una entrada no especificada a la funci\u00f3n OS2ECP, relacionada con un m\u00f3dulo composite."
}
],
"id": "CVE-2016-2194",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T14:59:07.697",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145435148602911\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145449001708138\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201612-38"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://botan.randombit.net/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145435148602911\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=botan-devel\u0026m=145449001708138\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201612-38"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-10 15:59
Modified
2025-04-20 01:37
Severity ?
Summary
botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://botan.randombit.net/security.html#id3 | Vendor Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1311620 | Issue Tracking, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://botan.randombit.net/security.html#id3 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1311620 | Issue Tracking, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47FE3AFA-84AB-4C6C-8CA4-1EB0EB4D6112",
"versionEndIncluding": "1.11.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com."
},
{
"lang": "es",
"value": "botan 1.11.x en versiones anteriores a 1.11.22 maneja incorrectamente la coincidencia de comodines contra nombres de host, lo que podr\u00eda permitir que atacantes remotos tengan impacto no especificado a trav\u00e9s de un certificado X.509 v\u00e1lido, como se demuestra al accepting *.example.com como coincidencia para bar.foo.example.com."
}
],
"id": "CVE-2015-7826",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-10T15:59:00.237",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://botan.randombit.net/security.html#id3"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://botan.randombit.net/security.html#id3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311620"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-03 01:15
Modified
2024-11-21 03:31
Severity ?
Summary
bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://botan.randombit.net/security.html | Vendor Advisory | |
| cve@mitre.org | https://bugzilla.suse.com/show_bug.cgi?id=1034591 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://botan.randombit.net/security.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.suse.com/show_bug.cgi?id=1034591 | Issue Tracking |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| botan_project | botan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9209C67-7AAD-43E6-AEE2-8365EC3BD737",
"versionEndExcluding": "2.1.0",
"versionStartIncluding": "1.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password."
},
{
"lang": "es",
"value": "El hash de contrase\u00f1as de bcrypt en Botan anterior a 2.1.0 no maneja correctamente las contrase\u00f1as con una longitud de entre 57 y 72 caracteres, lo que facilita a los atacantes determinar la contrase\u00f1a en texto plano."
}
],
"id": "CVE-2017-7252",
"lastModified": "2024-11-21T03:31:28.793",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-03T01:15:07.777",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://botan.randombit.net/security.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1034591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://botan.randombit.net/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1034591"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}