Search CVE reports


Toggle filters

1 – 8 of 8 results


CVE-2023-36660

Medium priority
Not affected

The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.

1 affected packages

nettle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nettle Not affected Not affected Not affected Not affected
Show less packages

CVE-2021-3580

Medium priority

Some fixes available 4 of 6

A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.

1 affected packages

nettle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nettle Not affected Fixed Fixed Ignored
Show less packages

CVE-2021-20305

Medium priority

Some fixes available 12 of 13

A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called...

1 affected packages

nettle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nettle Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2018-16869

Low priority

Some fixes available 1 of 4

A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run a process on the same physical core as...

1 affected packages

nettle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nettle Not affected Not affected Fixed Ignored
Show less packages

CVE-2016-6489

Medium priority

Some fixes available 4 of 5

The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.

1 affected packages

nettle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nettle Fixed
Show less packages

CVE-2015-8805

Medium priority

Some fixes available 2 of 3

The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have...

1 affected packages

nettle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nettle Not affected
Show less packages

CVE-2015-8804

Medium priority

Some fixes available 2 of 3

x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via...

1 affected packages

nettle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nettle Not affected
Show less packages

CVE-2015-8803

Medium priority

Some fixes available 2 of 3

The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have...

1 affected packages

nettle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nettle Not affected
Show less packages