Improper Wildcard Matching in Botan 1.11.x before 1.11.22
CVE-2015-7826 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com.
Learn more about our Web Application Penetration Testing UK.