Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:apk/alpine/botan@2.18.1-r3?arch=aarch64&distroversion=v3.17&reponame=main
purl pkg:apk/alpine/botan@2.18.1-r3?arch=aarch64&distroversion=v3.17&reponame=main
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-xffg-w6fz-yqfj Use of a Broken or Risky Cryptographic Algorithm The ElGamal implementation in Botan, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. CVE-2021-40529

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-03T17:55:05.183362+00:00 Alpine Linux Importer Fixing VCID-xffg-w6fz-yqfj https://secdb.alpinelinux.org/v3.17/main.json 38.1.0