pkg:Debian/botan
16 total CVEsCRITICAL4HIGH4MEDIUM8
✅ Check your installed version
All known vulnerabilities
- CRITICAL9.8CVE-2021-24115In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and h…from 0, < 2.17.3+dfsg-1
- CRITICAL9.8CVE-2018-9127Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames…from 0, < 2.4.0-5
- from 0
- CRITICAL9.1CVE-2022-43705In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error.from 0
- HIGH8.8CVE-2026-35582Emissary has an OS Command Injection via Unvalidated IN_FILE_ENDING / OUT_FILE_ENDING in Executrixfrom 0
- from 0
- from 0
- from 0, < 2.4.0-6
- from 0
- MEDIUM5.9CVE-2024-50383Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna1…from 0
- MEDIUM5.9CVE-2024-50382Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in…from 0
- MEDIUM5.9CVE-2021-40529The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during in…from 0
- from 0, < 2.9.0-2
- MEDIUM5.9CVE-2018-12435Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number P…from 0, < 2.6.0-3
- from 0
- from 0