CVE-2016-2850
- Source
- https://cve.org/CVERecord?id=CVE-2016-2850
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2850.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-2850
- Published
- 2016-05-13T14:59:11.743Z
- Modified
- 2026-02-13T01:06:32.521761Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signature algorithms and (2) ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
- References
Affected packages
Git / github.com/randombit/botan
Affected ranges
- Type
- GIT
- Repo
- https://github.com/randombit/botan
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
1.*
1.10.0
1.10.0-rc1
1.10.1
1.11.0
1.5.10
1.5.11
1.5.12
1.5.13
1.5.6
1.5.7
1.5.8
1.5.9
1.6.0
1.6.1
1.6.2
1.6.3
1.7.0
1.7.1
1.7.10
1.7.11
1.7.12
1.7.13
1.7.14
1.7.15
1.7.16
1.7.17
1.7.18
1.7.19
1.7.2
1.7.20
1.7.21
1.7.22
1.7.23
1.7.24
1.7.3
1.7.4
1.7.5
1.7.6
1.7.7
1.7.8
1.7.9
1.8.0
1.8.1
1.8.2
1.8.3
1.8.4
1.8.5
1.8.6
1.8.7
1.8.8
1.9.0
1.9.1
1.9.10
1.9.11
1.9.12
1.9.13
1.9.14
1.9.15
1.9.16
1.9.17
1.9.18
1.9.2
1.9.3
1.9.4
1.9.5
1.9.6
1.9.7
1.9.8
1.9.9