CVE-2016-2850

Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signature algorithms and (2) ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
Configurations

Configuration 1 (hide)

cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:botan_project:botan:1.11.0:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.1:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.2:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.3:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.4:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.5:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.6:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.7:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.8:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.9:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.10:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.11:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.12:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.13:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.14:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.15:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.16:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.17:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.18:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.19:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.20:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.21:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.22:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.23:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.24:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.25:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.26:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.27:*:*:*:*:*:*:*
cpe:2.3:a:botan_project:botan:1.11.28:*:*:*:*:*:*:*

History

No history.

Information

Published : 2016-05-13 14:59

Updated : 2024-02-04 18:53


NVD link : CVE-2016-2850

Mitre link : CVE-2016-2850

CVE.ORG link : CVE-2016-2850


JSON object : View

Products Affected

botan_project

  • botan

fedoraproject

  • fedora
CWE
CWE-20

Improper Input Validation