Nettle Project Nettle 3.7 Release Candidate 1

CPE Details

Nettle Project Nettle 3.7 Release Candidate 1
nettle_project
nettle
3.7
2021-04-08
09h25 +00:00
2021-04-19
13h48 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:nettle_project:nettle:3.7:rc1:*:*:*:*:*:*

Informations

Vendor

nettle_project

Product

nettle

Version

3.7

Update

rc1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-3580 2021-08-04 22h00 +00:00 A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.
7.5
High
CVE-2021-20305 2021-04-05 19h31 +00:00 A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.
8.1
High