CVE-2016-6878

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2016-6878

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-6878.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-6878

Published

2017-04-10T15:59:00.330Z

Modified

2026-04-10T03:52:59.523156Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang.

References

https://botan.randombit.net/security.html#id2

Affected packages

Git / github.com/randombit/botan

Affected ranges

Type

GIT

Repo

https://github.com/randombit/botan

Events

Introduced

Last affected

0b6d2a853638206dfa43420d5419e8b719505cc7

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.11.30"
        }
    ]
}

Affected versions

1.*

1.10.0

1.10.0-rc1

1.10.1

1.11.0

1.11.10

1.11.11

1.11.12

1.11.13

1.11.14

1.11.15

1.11.16

1.11.17

1.11.18

1.11.19

1.11.2

1.11.20

1.11.21

1.11.22

1.11.23

1.11.24

1.11.25

1.11.26

1.11.27

1.11.28

1.11.29

1.11.3

1.11.30

1.11.5

1.11.6

1.11.7

1.11.8

1.11.9

1.5.10

1.5.11

1.5.12

1.5.13

1.5.6

1.5.7

1.5.8

1.5.9

1.6.0

1.6.1

1.7.0

1.7.1

1.7.10

1.7.11

1.7.15

1.7.16

1.7.17

1.7.18

1.7.19

1.7.20

1.7.21

1.7.22

1.7.23

1.7.24

1.7.3

1.7.4

1.7.5

1.7.6

1.7.7

1.7.8

1.7.9

1.8.2

1.8.3

1.8.4

1.8.5

1.8.6

1.8.7

1.8.8

1.9.10

1.9.11

1.9.12

1.9.13

1.9.14

1.9.15

1.9.16

1.9.17

1.9.18

1.9.3

1.9.4

1.9.5

1.9.6

1.9.7

1.9.8

1.9.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-6878.json"