Vulnerabilities > Botan Project > Botan > 1.9.17

DATE CVE VULNERABILITY TITLE RISK
2016-05-13 CVE-2016-2194 Improper Input Validation vulnerability in multiple products
The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a composite modulus.
network
low complexity
debian botan-project CWE-20
5.0
5.0
2016-05-13 CVE-2015-7827 Information Exposure vulnerability in multiple products
Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding.
network
low complexity
fedoraproject botan-project debian CWE-200
5.0
5.0
2016-05-13 CVE-2014-9742 Cryptographic Issues vulnerability in Botan Project Botan
The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group.
network
low complexity
botan-project CWE-310
5.0
5.0