Nettle Project Nettle 3.7 Release Candidate 1

CPE Details

Nettle Project Nettle 3.7 Release Candidate 1
nettle_project
nettle
3.7
2021-04-08
09h25 +00:00
2021-04-19
13h48 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:nettle_project:nettle:3.7:rc1:*:*:*:*:*:*

Informations

Vendor

nettle_project

Product

nettle

Version

3.7

Update

rc1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-3580 2021-08-04 22h00 +00:00 A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.
7.5
Haute
CVE-2021-20305 2021-04-05 19h31 +00:00 A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.
8.1
Haute