Known Vulnerabilities for Botan by Botan Project
Listed below are 10 of the newest known vulnerabilities associated with "Botan" by "Botan Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-44378 json | Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefinite length encodings in BER data could cause... | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-34582 json | Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to b... | Not Provided | 2026-04-07 | 2026-06-30 |
| CVE-2026-34580 json | Botan is a C++ cryptography library. In 3.11.0, the function Certificate_Store::certificate_known had a misleading name; it w... | Not Provided | 2026-04-07 | 2026-06-30 |
| CVE-2026-32884 json | Not Provided | 2026-03-30 | 2026-04-13 | |
| CVE-2026-32883 json | Not Provided | 2026-03-30 | 2026-04-13 | |
| CVE-2026-32877 json | Not Provided | 2026-03-30 | 2026-04-13 | |
| CVE-2022-43705 json | In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introd... | 9.1 - CRITICAL | 2022-11-27 | 2022-12-01 |
| CVE-2021-40529 json | The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery beca... | 5.9 - MEDIUM | 2021-09-06 | 2023-11-07 |
| CVE-2021-24115 json | In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58,... | 9.8 - CRITICAL | 2021-02-22 | 2021-02-26 |
| CVE-2018-20187 json | A side-channel issue was discovered in Botan before 2.9.0. An attacker capable of precisely measuring the time taken for ECC ... | 5.9 - MEDIUM | 2019-03-08 | 2019-03-12 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Botan Project | Botan | 2.9.0 | |||
| Application | Botan Project | Botan | 2.8.0 | |||
| Application | Botan Project | Botan | 2.7.0 | |||
| Application | Botan Project | Botan | 2.6.0 | |||
| Application | Botan Project | Botan | 2.5.0 | |||
| Application | Botan Project | Botan | 2.4.0 | |||
| Application | Botan Project | Botan | 2.3.0 | |||
| Application | Botan Project | Botan | 2.2.0 | |||
| Application | Botan Project | Botan | 2.17.3 | |||
| Application | Botan Project | Botan | 2.17.2 | |||
| Application | Botan Project | Botan | 2.17.1 | |||
| Application | Botan Project | Botan | 2.17.0 | |||
| Application | Botan Project | Botan | 2.16.0 | |||
| Application | Botan Project | Botan | 2.15.0 | |||
| Application | Botan Project | Botan | 2.14.0 | |||
| Application | Botan Project | Botan | 2.13.0 | |||
| Application | Botan Project | Botan | 2.12.1 | |||
| Application | Botan Project | Botan | 2.12.0 | |||
| Application | Botan Project | Botan | 2.11.0 | |||
| Application | Botan Project | Botan | 2.10.0 |