CVE-2015-5727Project Botan vulnerability

CWE-3994 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.6%
top 30.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Botan Project BotanDebian Linux
Timeline
PublishedMay 13
Latest updateMay 17

Description

The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDbotan_project/botan29 versions+28

Also affects: Debian Linux 8.0

🔴Vulnerability Details

2
GHSA
GHSA-455r-3288-3qq5: The BER decoder in Botan 12022-05-17
OSV
CVE-2015-5727: The BER decoder in Botan 12016-05-13

💬Community

1
Bugzilla
CVE-2015-5727 botan: excess memory allocation in BER decoder2016-02-25