Randombit Botan
10 CVEs affecting Randombit Botan. Latest disclosed: 2026-05-27. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-32877 | High | 8.2 | 2026-03-30 | Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value (C… |
CVE-2026-44378 | High | 7.5 | 2026-05-27 | Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefinite length encodings in BER data could cause quadratic behavior in the parser… |
CVE-2024-34703 | High | 7.5 | 2024-06-30 | Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parame… |
CVE-2017-2801 | Medium | 6.5 | 2017-05-24 | A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate veri… |
CVE-2026-32883 | Medium | 5.9 | 2026-03-30 | Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate s… |
CVE-2026-32884 | Medium | 5.9 | 2026-03-30 | Botan is a C++ cryptography library. Prior to version 3.11.0, during processing of an X.509 certificate path using name constraints which restrict the set of a… |
CVE-2024-39312 | Medium | 5.3 | 2024-07-08 | Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parame… |
CVE-2024-34702 | Medium | 5.3 | 2024-07-08 | Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parame… |
CVE-2026-34582 | | 2026-04-07 | Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished… | |
CVE-2026-34580 | | 2026-04-07 | Botan is a C++ cryptography library. In 3.11.0, the function Certificate_Store::certificate_known had a misleading name; it would return true if any certificat… |