Unrated severityNVD Advisory· Published Feb 22, 2021· Updated Aug 3, 2024
CVE-2021-24115
CVE-2021-24115
Description
In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- Botan/Botandescription
- Range: < 2.17.3
- osv-coords3 versionspkg:rpm/opensuse/Botan&distro=openSUSE%20Leap%2015.2pkg:rpm/suse/Botan&distro=SUSE%20Package%20Hub%2015%20SP1pkg:rpm/suse/Botan&distro=SUSE%20Package%20Hub%2015%20SP2
< 2.10.0-bp152.4.3.1+ 2 more
- (no CPE)range: < 2.10.0-bp152.4.3.1
- (no CPE)range: < 2.10.0-bp152.4.3.1
- (no CPE)range: < 2.10.0-bp152.4.3.1
Patches
Vulnerability mechanics
References
3- botan.randombit.net/news.htmlmitrex_refsource_CONFIRM
- github.com/randombit/botan/compare/2.17.2...2.17.3mitrex_refsource_MISC
- github.com/randombit/botan/pull/2549mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.