Описание
A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server application in order to trigger this vulnerability.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1.10.16-1 |
| bionic | not-affected | 1.10.16-1 |
| cosmic | not-affected | 1.10.16-1 |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-apps/bionic | not-affected | 1.10.16-1 |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | released | 1.10.5-1+deb7u1ubuntu0.14.04.1+esm1 |
| esm-infra/focal | DNE |
Показывать по
7.5 High
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server application in order to trigger this vulnerability.
A programming error exists in a way Randombit Botan cryptographic libr ...
A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server application in order to trigger this vulnerability.
7.5 High
CVSS2
6.5 Medium
CVSS3