NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-44378

Summary	Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefinite length encodings in BER data could cause quadratic behavior in the parser, resulting in a denial of service. Such BER encodings were accepted even in structures which are required to be encoded as DER, which prohibits indefinite length encodings. This vulnerability is fixed in 3.12.0.
Publication Date	May 28, 2026, 3:16 a.m.
Registration Date	May 28, 2026, 4:15 a.m.
Last Update	May 28, 2026, 3:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/randombit/botan/security/advisories/GHSA-7q2v-3g27-6g3j	security-advisories@github.com

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-407	アルゴリズムの複雑性	https://cwe.mitre.org/data/definitions/407.html