Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Botan
(Botan_project)Repositories | https://github.com/randombit/botan |
#Vulnerabilities | 26 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-11-03 | CVE-2017-7252 | bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password. | Botan | 7.5 | ||
2017-01-30 | CVE-2016-9132 | In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memory corruption or other failure. | Botan | 9.8 |