rpm package
opensuse/Botan&distro=openSUSE Leap 16.0
pkg:rpm/opensuse/Botan&distro=openSUSE%20Leap%2016.0
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-34582 | Cri | 9.1 | < 3.7.1-160000.3.1 | 3.7.1-160000.3.1 | Apr 7, 2026 | Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentication via certificates can by bypassed by | |
| CVE-2026-32884 | Med | 5.9 | < 3.7.1-160000.4.1 | 3.7.1-160000.4.1 | Mar 30, 2026 | Botan is a C++ cryptography library. Prior to version 3.11.0, during processing of an X.509 certificate path using name constraints which restrict the set of allowable DNS names, if no subject alternative name is defined in the end-entity certificate Botan would check that the CN |
- affected < 3.7.1-160000.3.1fixed 3.7.1-160000.3.1
Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentication via certificates can by bypassed by
- affected < 3.7.1-160000.4.1fixed 3.7.1-160000.4.1
Botan is a C++ cryptography library. Prior to version 3.11.0, during processing of an X.509 certificate path using name constraints which restrict the set of allowable DNS names, if no subject alternative name is defined in the end-entity certificate Botan would check that the CN