Loading
Generated remediation guidance and an executive summary. No account required.
In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memory corruption or other failure.
Use CWE-190, Botan Project vendor hub and Botan product page to widen CVE-2016-9132 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2021-24115, CVE-2026-34580 and CVE-2022-43705 for nearby disclosures in the same product family.