CRITICAL9.8CVE-2021-24115In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and h… from 0, < 2.17.3+dfsg-1
CRITICAL9.8CVE-2018-9127Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames… from 0, < 2.4.0-5
from 0
CRITICAL9.1In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error.
from 0
HIGH8.8Emissary has an OS Command Injection via Unvalidated IN_FILE_ENDING / OUT_FILE_ENDING in Executrix
from 0
HIGH8.2Botan is a C++ cryptography library.
from 0
HIGH7.5Botan is a C++ cryptography library.
from 0
HIGH7.5An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0.
from 0, < 2.4.0-6
MEDIUM5.9Botan is a C++ cryptography library.
from 0
MEDIUM5.9Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna1…
from 0
MEDIUM5.9Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in…
from 0
MEDIUM5.9The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during in…
from 0
MEDIUM5.9A side-channel issue was discovered in Botan before 2.9.0.
from 0, < 2.9.0-2
MEDIUM5.9Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number P…
from 0, < 2.6.0-3
MEDIUM5.3Botan is a C++ cryptography library.
from 0
MEDIUM5.3Botan is a C++ cryptography library.
from 0