Botan (SUSE:Linux Enterprise Software Development Kit 12 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Software Development Kit 12 SP2 package Botan, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (10)
CVE-2016-2195 — CVSS 9.8 (critical): Integer overflow in the PointGFp constructor in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to overwrite memory…
CVE-2016-9132 — CVSS 9.8 (critical): In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be…
CVE-2015-5727 — CVSS 7.5 (high): The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory…
CVE-2015-7827 — CVSS 7.5 (high): Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time…
CVE-2016-2194 — CVSS 7.5 (high): The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop)…
CVE-2016-2849 — CVSS 7.5 (high): Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k…
CVE-2014-9742 — CVSS 7.5 (high): The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it…
CVE-2015-5726 — CVSS 7.5 (high): The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application…
CVE-2017-2801 — CVSS 6.5 (medium): A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead…
CVE-2017-14737 — CVSS 5.5 (medium): A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local…