Medium severity6.5NVD Advisory· Published May 24, 2017· Updated Jun 17, 2026
CVE-2017-2801
CVE-2017-2801
Description
A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server application in order to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:botan_project:botan:2.0.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:botan_project:botan:2.0.1:*:*:*:*:*:*:*
- (no CPE)range: 2.0.1
- osv-coords3 versionspkg:rpm/opensuse/Botan&distro=openSUSE%20Tumbleweedpkg:rpm/suse/Botan&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/Botan&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2
< 2.18.1-1.3+ 2 more
- (no CPE)range: < 2.18.1-1.3
- (no CPE)range: < 1.10.9-3.1
- (no CPE)range: < 1.10.9-3.1
Patches
Vulnerability mechanics
References
3- talosintelligence.com/vulnerability_reports/TALOS-2017-0294nvdExploitMitigationThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/98106nvdThird Party AdvisoryUS Government Resource
- www.debian.org/security/2017/dsa-3939nvd
News mentions
0No linked articles in our index yet.