Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
Typedeb
Namespacedebian
Namebotan
Version2.19.5+dfsg-4
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-31pb-3pss-ybg3
vulnerability_id VCID-31pb-3pss-ybg3
summary A side-channel issue was discovered in Botan before 2.9.0. An attacker capable of precisely measuring the time taken for ECC key generation may be able to derive information about the high bits of the secret key, as the function to derive the public point from the secret scalar uses an unblinded Montgomery ladder whose loop iteration count depends on the bitlength of the secret. This issue affects only key generation, not ECDSA signatures or ECDH key agreement.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20187
reference_id
reference_type
scores
0
value 0.00487
scoring_system epss
scoring_elements 0.65485
published_at 2026-04-16T12:55:00Z
1
value 0.00487
scoring_system epss
scoring_elements 0.65476
published_at 2026-04-12T12:55:00Z
2
value 0.00487
scoring_system epss
scoring_elements 0.65448
published_at 2026-04-13T12:55:00Z
3
value 0.00487
scoring_system epss
scoring_elements 0.65368
published_at 2026-04-01T12:55:00Z
4
value 0.00487
scoring_system epss
scoring_elements 0.65417
published_at 2026-04-02T12:55:00Z
5
value 0.00487
scoring_system epss
scoring_elements 0.65444
published_at 2026-04-04T12:55:00Z
6
value 0.00487
scoring_system epss
scoring_elements 0.65406
published_at 2026-04-07T12:55:00Z
7
value 0.00487
scoring_system epss
scoring_elements 0.65459
published_at 2026-04-08T12:55:00Z
8
value 0.00487
scoring_system epss
scoring_elements 0.6547
published_at 2026-04-09T12:55:00Z
9
value 0.00487
scoring_system epss
scoring_elements 0.65489
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20187
1
reference_url https://botan.randombit.net/news.html
reference_id
reference_type
scores
url https://botan.randombit.net/news.html
2
reference_url https://botan.randombit.net/security.html
reference_id
reference_type
scores
url https://botan.randombit.net/security.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20187
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20187
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/crocs-muni/ECTester
reference_id
reference_type
scores
url https://github.com/crocs-muni/ECTester
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918732
reference_id 918732
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918732
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-20187
reference_id CVE-2018-20187
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2018-20187
fixed_packages
0
url pkg:deb/debian/botan@2.9.0-2?distro=trixie
purl pkg:deb/debian/botan@2.9.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.9.0-2%3Fdistro=trixie
1
url pkg:deb/debian/botan@2.17.3%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/botan@2.17.3%2Bdfsg-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4813-s8rk-xqcz
1
vulnerability VCID-9kx4-w9uw-vybp
2
vulnerability VCID-9us9-jyfu-hqdg
3
vulnerability VCID-sfcs-71wr-wbf4
4
vulnerability VCID-vgqy-r4ed-4bcv
5
vulnerability VCID-w192-d7k6-h3a3
6
vulnerability VCID-xffg-w6fz-yqfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.17.3%252Bdfsg-2%3Fdistro=trixie
2
url pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-4%3Fdistro=trixie
aliases CVE-2018-20187
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-31pb-3pss-ybg3
1
url VCID-32jb-t7zq-uyhe
vulnerability_id VCID-32jb-t7zq-uyhe
summary In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-24115
reference_id
reference_type
scores
0
value 0.00711
scoring_system epss
scoring_elements 0.72289
published_at 2026-04-16T12:55:00Z
1
value 0.00711
scoring_system epss
scoring_elements 0.72204
published_at 2026-04-01T12:55:00Z
2
value 0.00711
scoring_system epss
scoring_elements 0.72209
published_at 2026-04-02T12:55:00Z
3
value 0.00711
scoring_system epss
scoring_elements 0.72229
published_at 2026-04-04T12:55:00Z
4
value 0.00711
scoring_system epss
scoring_elements 0.72205
published_at 2026-04-07T12:55:00Z
5
value 0.00711
scoring_system epss
scoring_elements 0.72242
published_at 2026-04-08T12:55:00Z
6
value 0.00711
scoring_system epss
scoring_elements 0.72254
published_at 2026-04-09T12:55:00Z
7
value 0.00711
scoring_system epss
scoring_elements 0.72277
published_at 2026-04-11T12:55:00Z
8
value 0.00711
scoring_system epss
scoring_elements 0.7226
published_at 2026-04-12T12:55:00Z
9
value 0.00711
scoring_system epss
scoring_elements 0.72247
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-24115
1
reference_url https://botan.randombit.net/news.html
reference_id
reference_type
scores
url https://botan.randombit.net/news.html
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24115
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24115
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-24115
reference_id CVE-2021-24115
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-24115
fixed_packages
0
url pkg:deb/debian/botan@2.17.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/botan@2.17.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.17.3%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/botan@2.17.3%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/botan@2.17.3%2Bdfsg-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4813-s8rk-xqcz
1
vulnerability VCID-9kx4-w9uw-vybp
2
vulnerability VCID-9us9-jyfu-hqdg
3
vulnerability VCID-sfcs-71wr-wbf4
4
vulnerability VCID-vgqy-r4ed-4bcv
5
vulnerability VCID-w192-d7k6-h3a3
6
vulnerability VCID-xffg-w6fz-yqfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.17.3%252Bdfsg-2%3Fdistro=trixie
2
url pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-4%3Fdistro=trixie
aliases CVE-2021-24115
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-32jb-t7zq-uyhe
2
url VCID-4813-s8rk-xqcz
vulnerability_id VCID-4813-s8rk-xqcz
summary Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM. There is a branch instead of an XOR with carry. This was observed for Clang in LLVM 15 on RISC-V.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-50382
reference_id
reference_type
scores
0
value 0.00144
scoring_system epss
scoring_elements 0.34778
published_at 2026-04-16T12:55:00Z
1
value 0.00144
scoring_system epss
scoring_elements 0.34828
published_at 2026-04-02T12:55:00Z
2
value 0.00144
scoring_system epss
scoring_elements 0.34855
published_at 2026-04-04T12:55:00Z
3
value 0.00144
scoring_system epss
scoring_elements 0.34731
published_at 2026-04-07T12:55:00Z
4
value 0.00144
scoring_system epss
scoring_elements 0.34775
published_at 2026-04-08T12:55:00Z
5
value 0.00144
scoring_system epss
scoring_elements 0.34802
published_at 2026-04-09T12:55:00Z
6
value 0.00144
scoring_system epss
scoring_elements 0.34807
published_at 2026-04-11T12:55:00Z
7
value 0.00144
scoring_system epss
scoring_elements 0.34768
published_at 2026-04-12T12:55:00Z
8
value 0.00144
scoring_system epss
scoring_elements 0.34743
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-50382
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50382
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50382
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://arxiv.org/pdf/2410.13489
reference_id 2410.13489
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:56:36Z/
url https://arxiv.org/pdf/2410.13489
4
reference_url https://github.com/randombit/botan/compare/3.5.0...3.6.0
reference_id 3.5.0...3.6.0
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:56:36Z/
url https://github.com/randombit/botan/compare/3.5.0...3.6.0
5
reference_url https://github.com/randombit/botan/commit/53b0cfde580e86b03d0d27a488b6c134f662e957
reference_id 53b0cfde580e86b03d0d27a488b6c134f662e957
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:56:36Z/
url https://github.com/randombit/botan/commit/53b0cfde580e86b03d0d27a488b6c134f662e957
6
reference_url https://news.ycombinator.com/item?id=41887153
reference_id item?id=41887153
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:56:36Z/
url https://news.ycombinator.com/item?id=41887153
7
reference_url https://usn.ubuntu.com/7586-1/
reference_id USN-7586-1
reference_type
scores
url https://usn.ubuntu.com/7586-1/
fixed_packages
0
url pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
1
url pkg:deb/debian/botan@2.19.5%2Bdfsg-3?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-3%3Fdistro=trixie
2
url pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-4%3Fdistro=trixie
aliases CVE-2024-50382
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4813-s8rk-xqcz
3
url VCID-851y-jyry-8qe1
vulnerability_id VCID-851y-jyry-8qe1
summary Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ec_group/ec_group.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12435
reference_id
reference_type
scores
0
value 0.00153
scoring_system epss
scoring_elements 0.36035
published_at 2026-04-13T12:55:00Z
1
value 0.00153
scoring_system epss
scoring_elements 0.361
published_at 2026-04-11T12:55:00Z
2
value 0.00153
scoring_system epss
scoring_elements 0.36061
published_at 2026-04-12T12:55:00Z
3
value 0.00153
scoring_system epss
scoring_elements 0.35969
published_at 2026-04-01T12:55:00Z
4
value 0.00153
scoring_system epss
scoring_elements 0.36159
published_at 2026-04-02T12:55:00Z
5
value 0.00153
scoring_system epss
scoring_elements 0.3619
published_at 2026-04-04T12:55:00Z
6
value 0.00153
scoring_system epss
scoring_elements 0.36025
published_at 2026-04-07T12:55:00Z
7
value 0.00153
scoring_system epss
scoring_elements 0.36075
published_at 2026-04-16T12:55:00Z
8
value 0.00153
scoring_system epss
scoring_elements 0.36093
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12435
1
reference_url https://botan.randombit.net/security.html
reference_id
reference_type
scores
url https://botan.randombit.net/security.html
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12435
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12435
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/randombit/botan/commit/48fc8df51d99f9d8ba251219367b3d629cc848e3
reference_id
reference_type
scores
url https://github.com/randombit/botan/commit/48fc8df51d99f9d8ba251219367b3d629cc848e3
5
reference_url https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/
reference_id
reference_type
scores
url https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901619
reference_id 901619
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901619
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-12435
reference_id CVE-2018-12435
reference_type
scores
0
value 1.9
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:N/C:P/I:N/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2018-12435
fixed_packages
0
url pkg:deb/debian/botan@2.6.0-3?distro=trixie
purl pkg:deb/debian/botan@2.6.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.6.0-3%3Fdistro=trixie
1
url pkg:deb/debian/botan@2.17.3%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/botan@2.17.3%2Bdfsg-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4813-s8rk-xqcz
1
vulnerability VCID-9kx4-w9uw-vybp
2
vulnerability VCID-9us9-jyfu-hqdg
3
vulnerability VCID-sfcs-71wr-wbf4
4
vulnerability VCID-vgqy-r4ed-4bcv
5
vulnerability VCID-w192-d7k6-h3a3
6
vulnerability VCID-xffg-w6fz-yqfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.17.3%252Bdfsg-2%3Fdistro=trixie
2
url pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-4%3Fdistro=trixie
aliases CVE-2018-12435
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-851y-jyry-8qe1
4
url VCID-9kx4-w9uw-vybp
vulnerability_id VCID-9kx4-w9uw-vybp
summary Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtrees and excluded subtrees, only the permitted subtree would be checked. If a certificate included a name which was permitted by the permitted subtree but also excluded by excluded subtree, it would be accepted. Fixed in versions 3.5.0 and 2.19.5.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39312
reference_id
reference_type
scores
0
value 0.00281
scoring_system epss
scoring_elements 0.51496
published_at 2026-04-16T12:55:00Z
1
value 0.00281
scoring_system epss
scoring_elements 0.51488
published_at 2026-04-11T12:55:00Z
2
value 0.00281
scoring_system epss
scoring_elements 0.51467
published_at 2026-04-12T12:55:00Z
3
value 0.00281
scoring_system epss
scoring_elements 0.51454
published_at 2026-04-13T12:55:00Z
4
value 0.00281
scoring_system epss
scoring_elements 0.51408
published_at 2026-04-02T12:55:00Z
5
value 0.00281
scoring_system epss
scoring_elements 0.51435
published_at 2026-04-04T12:55:00Z
6
value 0.00281
scoring_system epss
scoring_elements 0.51394
published_at 2026-04-07T12:55:00Z
7
value 0.00281
scoring_system epss
scoring_elements 0.51447
published_at 2026-04-08T12:55:00Z
8
value 0.00281
scoring_system epss
scoring_elements 0.51445
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39312
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39312
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/randombit/botan/security/advisories/GHSA-jp24-56jm-gg86
reference_id GHSA-jp24-56jm-gg86
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T19:57:15Z/
url https://github.com/randombit/botan/security/advisories/GHSA-jp24-56jm-gg86
4
reference_url https://usn.ubuntu.com/7586-1/
reference_id USN-7586-1
reference_type
scores
url https://usn.ubuntu.com/7586-1/
fixed_packages
0
url pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
1
url pkg:deb/debian/botan@2.19.5%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-1%3Fdistro=trixie
2
url pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-4%3Fdistro=trixie
aliases CVE-2024-39312
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9kx4-w9uw-vybp
5
url VCID-9us9-jyfu-hqdg
vulnerability_id VCID-9us9-jyfu-hqdg
summary In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1.11.34 (November 2016).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-43705
reference_id
reference_type
scores
0
value 0.00164
scoring_system epss
scoring_elements 0.37405
published_at 2026-04-16T12:55:00Z
1
value 0.00164
scoring_system epss
scoring_elements 0.37421
published_at 2026-04-11T12:55:00Z
2
value 0.00164
scoring_system epss
scoring_elements 0.37386
published_at 2026-04-12T12:55:00Z
3
value 0.00164
scoring_system epss
scoring_elements 0.37359
published_at 2026-04-13T12:55:00Z
4
value 0.00164
scoring_system epss
scoring_elements 0.37492
published_at 2026-04-02T12:55:00Z
5
value 0.00164
scoring_system epss
scoring_elements 0.37516
published_at 2026-04-04T12:55:00Z
6
value 0.00164
scoring_system epss
scoring_elements 0.37345
published_at 2026-04-07T12:55:00Z
7
value 0.00164
scoring_system epss
scoring_elements 0.37396
published_at 2026-04-08T12:55:00Z
8
value 0.00164
scoring_system epss
scoring_elements 0.37409
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-43705
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43705
2
reference_url https://github.com/randombit/botan/releases/tag/2.19.3
reference_id 2.19.3
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:21:03Z/
url https://github.com/randombit/botan/releases/tag/2.19.3
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-43705
reference_id CVE-2022-43705
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-43705
4
reference_url https://github.com/randombit/botan/security/advisories/GHSA-4v9w-qvcq-6q7w
reference_id GHSA-4v9w-qvcq-6q7w
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:21:03Z/
url https://github.com/randombit/botan/security/advisories/GHSA-4v9w-qvcq-6q7w
fixed_packages
0
url pkg:deb/debian/botan@2.19.3%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/botan@2.19.3%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.3%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-4%3Fdistro=trixie
aliases CVE-2022-43705, GHSA-4v9w-qvcq-6q7w
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9us9-jyfu-hqdg
6
url VCID-bdvc-y1wv-gkcf
vulnerability_id VCID-bdvc-y1wv-gkcf
summary An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will subsequently fail and the connection will be closed. This could be used for denial of service. No information leak occurs.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-9860
reference_id
reference_type
scores
0
value 0.00499
scoring_system epss
scoring_elements 0.65823
published_at 2026-04-01T12:55:00Z
1
value 0.00499
scoring_system epss
scoring_elements 0.65871
published_at 2026-04-02T12:55:00Z
2
value 0.00499
scoring_system epss
scoring_elements 0.65901
published_at 2026-04-04T12:55:00Z
3
value 0.00499
scoring_system epss
scoring_elements 0.65866
published_at 2026-04-07T12:55:00Z
4
value 0.00499
scoring_system epss
scoring_elements 0.65918
published_at 2026-04-08T12:55:00Z
5
value 0.00499
scoring_system epss
scoring_elements 0.65929
published_at 2026-04-09T12:55:00Z
6
value 0.00499
scoring_system epss
scoring_elements 0.65947
published_at 2026-04-11T12:55:00Z
7
value 0.00499
scoring_system epss
scoring_elements 0.65934
published_at 2026-04-12T12:55:00Z
8
value 0.00499
scoring_system epss
scoring_elements 0.65904
published_at 2026-04-13T12:55:00Z
9
value 0.00499
scoring_system epss
scoring_elements 0.65939
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-9860
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9860
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9860
fixed_packages
0
url pkg:deb/debian/botan@2.4.0-6?distro=trixie
purl pkg:deb/debian/botan@2.4.0-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.4.0-6%3Fdistro=trixie
1
url pkg:deb/debian/botan@2.17.3%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/botan@2.17.3%2Bdfsg-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4813-s8rk-xqcz
1
vulnerability VCID-9kx4-w9uw-vybp
2
vulnerability VCID-9us9-jyfu-hqdg
3
vulnerability VCID-sfcs-71wr-wbf4
4
vulnerability VCID-vgqy-r4ed-4bcv
5
vulnerability VCID-w192-d7k6-h3a3
6
vulnerability VCID-xffg-w6fz-yqfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.17.3%252Bdfsg-2%3Fdistro=trixie
2
url pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-4%3Fdistro=trixie
aliases CVE-2018-9860
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bdvc-y1wv-gkcf
7
url VCID-gw14-fx4m-qqag
vulnerability_id VCID-gw14-fx4m-qqag
summary Botan: Botan: Compromised certificate validation integrity via unverified OCSP response signatures
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32883.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32883.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32883
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03613
published_at 2026-04-08T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.03612
published_at 2026-04-07T12:55:00Z
2
value 0.00016
scoring_system epss
scoring_elements 0.03635
published_at 2026-04-09T12:55:00Z
3
value 0.00016
scoring_system epss
scoring_elements 0.03593
published_at 2026-04-11T12:55:00Z
4
value 0.00016
scoring_system epss
scoring_elements 0.03564
published_at 2026-04-12T12:55:00Z
5
value 0.00016
scoring_system epss
scoring_elements 0.03539
published_at 2026-04-13T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.03977
published_at 2026-04-16T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05348
published_at 2026-04-04T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05317
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32883
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32883
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32883
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2453204
reference_id 2453204
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2453204
4
reference_url https://github.com/randombit/botan/security/advisories/GHSA-9j2j-hqmc-hf5x
reference_id GHSA-9j2j-hqmc-hf5x
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-02T14:09:48Z/
url https://github.com/randombit/botan/security/advisories/GHSA-9j2j-hqmc-hf5x
fixed_packages
0
url pkg:deb/debian/botan@0?distro=trixie
purl pkg:deb/debian/botan@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@0%3Fdistro=trixie
1
url pkg:deb/debian/botan@2.17.3%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/botan@2.17.3%2Bdfsg-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4813-s8rk-xqcz
1
vulnerability VCID-9kx4-w9uw-vybp
2
vulnerability VCID-9us9-jyfu-hqdg
3
vulnerability VCID-sfcs-71wr-wbf4
4
vulnerability VCID-vgqy-r4ed-4bcv
5
vulnerability VCID-w192-d7k6-h3a3
6
vulnerability VCID-xffg-w6fz-yqfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.17.3%252Bdfsg-2%3Fdistro=trixie
2
url pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-4%3Fdistro=trixie
aliases CVE-2026-32883
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gw14-fx4m-qqag
8
url VCID-sfcs-71wr-wbf4
vulnerability_id VCID-sfcs-71wr-wbf4
summary Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints. An attacker who presented a certificate chain which contained a very large number of names in the SubjectAlternativeName, signed by a CA certificate which contained a large number of name constraints, could cause a denial of service. The problem has been addressed in Botan 3.5.0 and a partial backport has also been applied and is included in Botan 2.19.5.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-34702
reference_id
reference_type
scores
0
value 0.00449
scoring_system epss
scoring_elements 0.63551
published_at 2026-04-02T12:55:00Z
1
value 0.00449
scoring_system epss
scoring_elements 0.63615
published_at 2026-04-16T12:55:00Z
2
value 0.00449
scoring_system epss
scoring_elements 0.63611
published_at 2026-04-12T12:55:00Z
3
value 0.00449
scoring_system epss
scoring_elements 0.63627
published_at 2026-04-11T12:55:00Z
4
value 0.00449
scoring_system epss
scoring_elements 0.63612
published_at 2026-04-09T12:55:00Z
5
value 0.00449
scoring_system epss
scoring_elements 0.63595
published_at 2026-04-08T12:55:00Z
6
value 0.00449
scoring_system epss
scoring_elements 0.63544
published_at 2026-04-07T12:55:00Z
7
value 0.00449
scoring_system epss
scoring_elements 0.63578
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-34702
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34702
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34702
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/randombit/botan/commit/21dccc8fef18c165ba3301d850ac61521f85637e
reference_id 21dccc8fef18c165ba3301d850ac61521f85637e
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/commit/21dccc8fef18c165ba3301d850ac61521f85637e
4
reference_url https://github.com/randombit/botan/commit/39535f13c322f56aa3da2f44b2b6abb8619a82ac
reference_id 39535f13c322f56aa3da2f44b2b6abb8619a82ac
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/commit/39535f13c322f56aa3da2f44b2b6abb8619a82ac
5
reference_url https://github.com/randombit/botan/pull/4034
reference_id 4034
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/pull/4034
6
reference_url https://github.com/randombit/botan/pull/4045
reference_id 4045
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/pull/4045
7
reference_url https://github.com/randombit/botan/pull/4047
reference_id 4047
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/pull/4047
8
reference_url https://github.com/randombit/botan/pull/4052
reference_id 4052
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/pull/4052
9
reference_url https://github.com/randombit/botan/pull/4186
reference_id 4186
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/pull/4186
10
reference_url https://github.com/randombit/botan/pull/4187
reference_id 4187
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/pull/4187
11
reference_url https://github.com/randombit/botan/commit/477822a2d10f02d8ba46c9d8a5132f25843f5cc1
reference_id 477822a2d10f02d8ba46c9d8a5132f25843f5cc1
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/commit/477822a2d10f02d8ba46c9d8a5132f25843f5cc1
12
reference_url https://github.com/randombit/botan/commit/7606d70d3a2ac7114476ec2651ca0243c4536fdf
reference_id 7606d70d3a2ac7114476ec2651ca0243c4536fdf
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/commit/7606d70d3a2ac7114476ec2651ca0243c4536fdf
13
reference_url https://github.com/randombit/botan/commit/c3264821b9f6286ee4e6e3e06826f6b7177e6d41
reference_id c3264821b9f6286ee4e6e3e06826f6b7177e6d41
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/commit/c3264821b9f6286ee4e6e3e06826f6b7177e6d41
14
reference_url https://github.com/randombit/botan/commit/ff704b12e6fa351aaedd07bffdc91722e84586b8
reference_id ff704b12e6fa351aaedd07bffdc91722e84586b8
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/commit/ff704b12e6fa351aaedd07bffdc91722e84586b8
15
reference_url https://github.com/randombit/botan/security/advisories/GHSA-5gg9-hqpr-r58j
reference_id GHSA-5gg9-hqpr-r58j
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-08T17:49:00Z/
url https://github.com/randombit/botan/security/advisories/GHSA-5gg9-hqpr-r58j
16
reference_url https://usn.ubuntu.com/7586-1/
reference_id USN-7586-1
reference_type
scores
url https://usn.ubuntu.com/7586-1/
fixed_packages
0
url pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
1
url pkg:deb/debian/botan@2.19.5%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-1%3Fdistro=trixie
2
url pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-4%3Fdistro=trixie
aliases CVE-2024-34702
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sfcs-71wr-wbf4
9
url VCID-vgqy-r4ed-4bcv
vulnerability_id VCID-vgqy-r4ed-4bcv
summary Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to versions 3.3.0 and 2.19.4, an attacker could present an ECDSA X.509 certificate using explicit encoding where the parameters are very large. The proof of concept used a 16Kbit prime for this purpose. When parsing, the parameter is checked to be prime, causing excessive computation. This was patched in 2.19.4 and 3.3.0 to allow the prime parameter of the elliptic curve to be at most 521 bits. No known workarounds are available. Note that support for explicit encoding of elliptic curve parameters is deprecated in Botan.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-34703
reference_id
reference_type
scores
0
value 0.00201
scoring_system epss
scoring_elements 0.42236
published_at 2026-04-16T12:55:00Z
1
value 0.00201
scoring_system epss
scoring_elements 0.422
published_at 2026-04-02T12:55:00Z
2
value 0.00201
scoring_system epss
scoring_elements 0.42227
published_at 2026-04-09T12:55:00Z
3
value 0.00201
scoring_system epss
scoring_elements 0.42169
published_at 2026-04-07T12:55:00Z
4
value 0.00201
scoring_system epss
scoring_elements 0.42219
published_at 2026-04-08T12:55:00Z
5
value 0.00201
scoring_system epss
scoring_elements 0.42251
published_at 2026-04-11T12:55:00Z
6
value 0.00201
scoring_system epss
scoring_elements 0.42213
published_at 2026-04-12T12:55:00Z
7
value 0.00201
scoring_system epss
scoring_elements 0.42186
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-34703
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34703
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34703
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/randombit/botan/commit/08c404b23740babee1f6aa51b54e966029aadee4
reference_id 08c404b23740babee1f6aa51b54e966029aadee4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-02T14:55:26Z/
url https://github.com/randombit/botan/commit/08c404b23740babee1f6aa51b54e966029aadee4
4
reference_url https://github.com/randombit/botan/commit/94e9154c143aa5264da6254a6a1be5bc66ee2b5a
reference_id 94e9154c143aa5264da6254a6a1be5bc66ee2b5a
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-02T14:55:26Z/
url https://github.com/randombit/botan/commit/94e9154c143aa5264da6254a6a1be5bc66ee2b5a
5
reference_url https://github.com/randombit/botan/security/advisories/GHSA-w4g2-7m2h-7xj7
reference_id GHSA-w4g2-7m2h-7xj7
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-02T14:55:26Z/
url https://github.com/randombit/botan/security/advisories/GHSA-w4g2-7m2h-7xj7
6
reference_url https://usn.ubuntu.com/7586-1/
reference_id USN-7586-1
reference_type
scores
url https://usn.ubuntu.com/7586-1/
fixed_packages
0
url pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
1
url pkg:deb/debian/botan@2.19.4%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/botan@2.19.4%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.4%252Bdfsg-1%3Fdistro=trixie
2
url pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-4%3Fdistro=trixie
aliases CVE-2024-34703
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vgqy-r4ed-4bcv
10
url VCID-w192-d7k6-h3a3
vulnerability_id VCID-w192-d7k6-h3a3
summary Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 (used in Chacha-Poly1305 and x25519). An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i386. (Only 32-bit processors can be affected.)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-50383
reference_id
reference_type
scores
0
value 0.00144
scoring_system epss
scoring_elements 0.34753
published_at 2026-04-02T12:55:00Z
1
value 0.00144
scoring_system epss
scoring_elements 0.34693
published_at 2026-04-12T12:55:00Z
2
value 0.00144
scoring_system epss
scoring_elements 0.34732
published_at 2026-04-11T12:55:00Z
3
value 0.00144
scoring_system epss
scoring_elements 0.34728
published_at 2026-04-09T12:55:00Z
4
value 0.00144
scoring_system epss
scoring_elements 0.347
published_at 2026-04-08T12:55:00Z
5
value 0.00144
scoring_system epss
scoring_elements 0.34656
published_at 2026-04-07T12:55:00Z
6
value 0.00144
scoring_system epss
scoring_elements 0.34779
published_at 2026-04-04T12:55:00Z
7
value 0.00173
scoring_system epss
scoring_elements 0.38682
published_at 2026-04-16T12:55:00Z
8
value 0.00173
scoring_system epss
scoring_elements 0.38634
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-50383
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50383
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086039
reference_id 1086039
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086039
4
reference_url https://arxiv.org/pdf/2410.13489
reference_id 2410.13489
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:53:31Z/
url https://arxiv.org/pdf/2410.13489
5
reference_url https://github.com/randombit/botan/compare/3.5.0...3.6.0
reference_id 3.5.0...3.6.0
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:53:31Z/
url https://github.com/randombit/botan/compare/3.5.0...3.6.0
6
reference_url https://github.com/randombit/botan/commit/53b0cfde580e86b03d0d27a488b6c134f662e957
reference_id 53b0cfde580e86b03d0d27a488b6c134f662e957
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:53:31Z/
url https://github.com/randombit/botan/commit/53b0cfde580e86b03d0d27a488b6c134f662e957
7
reference_url https://news.ycombinator.com/item?id=41887153
reference_id item?id=41887153
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:53:31Z/
url https://news.ycombinator.com/item?id=41887153
8
reference_url https://usn.ubuntu.com/7586-1/
reference_id USN-7586-1
reference_type
scores
url https://usn.ubuntu.com/7586-1/
fixed_packages
0
url pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
1
url pkg:deb/debian/botan@2.19.5%2Bdfsg-3?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-3%3Fdistro=trixie
2
url pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-4%3Fdistro=trixie
aliases CVE-2024-50383
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w192-d7k6-h3a3
11
url VCID-wqt2-m3gv-6fgk
vulnerability_id VCID-wqt2-m3gv-6fgk
summary Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must already have a wildcard certificate matching other hosts in the same domain. For example, b*.example.com would match some hostnames that do not begin with a 'b' character.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-9127
reference_id
reference_type
scores
0
value 0.00179
scoring_system epss
scoring_elements 0.3933
published_at 2026-04-01T12:55:00Z
1
value 0.00179
scoring_system epss
scoring_elements 0.39492
published_at 2026-04-02T12:55:00Z
2
value 0.00179
scoring_system epss
scoring_elements 0.39515
published_at 2026-04-04T12:55:00Z
3
value 0.00179
scoring_system epss
scoring_elements 0.39429
published_at 2026-04-07T12:55:00Z
4
value 0.00179
scoring_system epss
scoring_elements 0.39485
published_at 2026-04-08T12:55:00Z
5
value 0.00179
scoring_system epss
scoring_elements 0.395
published_at 2026-04-09T12:55:00Z
6
value 0.00179
scoring_system epss
scoring_elements 0.39511
published_at 2026-04-11T12:55:00Z
7
value 0.00179
scoring_system epss
scoring_elements 0.39472
published_at 2026-04-12T12:55:00Z
8
value 0.00179
scoring_system epss
scoring_elements 0.39455
published_at 2026-04-13T12:55:00Z
9
value 0.00179
scoring_system epss
scoring_elements 0.39507
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-9127
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9127
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9127
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894648
reference_id 894648
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894648
fixed_packages
0
url pkg:deb/debian/botan@2.4.0-5?distro=trixie
purl pkg:deb/debian/botan@2.4.0-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.4.0-5%3Fdistro=trixie
1
url pkg:deb/debian/botan@2.17.3%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/botan@2.17.3%2Bdfsg-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4813-s8rk-xqcz
1
vulnerability VCID-9kx4-w9uw-vybp
2
vulnerability VCID-9us9-jyfu-hqdg
3
vulnerability VCID-sfcs-71wr-wbf4
4
vulnerability VCID-vgqy-r4ed-4bcv
5
vulnerability VCID-w192-d7k6-h3a3
6
vulnerability VCID-xffg-w6fz-yqfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.17.3%252Bdfsg-2%3Fdistro=trixie
2
url pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-4%3Fdistro=trixie
aliases CVE-2018-9127
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wqt2-m3gv-6fgk
12
url VCID-xffg-w6fz-yqfj
vulnerability_id VCID-xffg-w6fz-yqfj
summary 
Use of a Broken or Risky Cryptographic Algorithm
The ElGamal implementation in Botan, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-40529
reference_id
reference_type
scores
0
value 0.003
scoring_system epss
scoring_elements 0.53363
published_at 2026-04-16T12:55:00Z
1
value 0.003
scoring_system epss
scoring_elements 0.53242
published_at 2026-04-01T12:55:00Z
2
value 0.003
scoring_system epss
scoring_elements 0.53265
published_at 2026-04-02T12:55:00Z
3
value 0.003
scoring_system epss
scoring_elements 0.53291
published_at 2026-04-04T12:55:00Z
4
value 0.003
scoring_system epss
scoring_elements 0.5326
published_at 2026-04-07T12:55:00Z
5
value 0.003
scoring_system epss
scoring_elements 0.53312
published_at 2026-04-08T12:55:00Z
6
value 0.003
scoring_system epss
scoring_elements 0.53307
published_at 2026-04-09T12:55:00Z
7
value 0.003
scoring_system epss
scoring_elements 0.53357
published_at 2026-04-11T12:55:00Z
8
value 0.003
scoring_system epss
scoring_elements 0.53341
published_at 2026-04-12T12:55:00Z
9
value 0.003
scoring_system epss
scoring_elements 0.53325
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-40529
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40529
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40529
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993840
reference_id 993840
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993840
3
reference_url https://security.archlinux.org/AVG-2362
reference_id AVG-2362
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2362
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-40529
reference_id CVE-2021-40529
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-40529
5
reference_url https://security.gentoo.org/glsa/202208-14
reference_id GLSA-202208-14
reference_type
scores
url https://security.gentoo.org/glsa/202208-14
fixed_packages
0
url pkg:deb/debian/botan@2.18.1%2Bdfsg-3?distro=trixie
purl pkg:deb/debian/botan@2.18.1%2Bdfsg-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.18.1%252Bdfsg-3%3Fdistro=trixie
1
url pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/botan@2.19.3%2Bdfsg-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.3%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/botan@2.19.5%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-4%3Fdistro=trixie
aliases CVE-2021-40529
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xffg-w6fz-yqfj
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/botan@2.19.5%252Bdfsg-4%3Fdistro=trixie