Botan Project: >> Botan >> 0.7.9 Security Vulnerabilities
The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a composite modulus.
CVSS Score
7.5
EPSS Score
0.017
Published
2016-05-13
Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding.
CVSS Score
7.5
EPSS Score
0.006
Published
2016-05-13
The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group.
CVSS Score
7.5
EPSS Score
0.003
Published
2016-05-13
Page 2