Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Nettle
(Nettle_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 8 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-04-14 | CVE-2016-6489 | The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack. | Ubuntu_linux, Nettle, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_server, Enterprise_linux_workstation | 7.5 | ||
| 2016-02-23 | CVE-2015-8805 | The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015-8803. | Ubuntu_linux, Nettle, Leap, Opensuse | 9.8 | ||
| 2016-02-23 | CVE-2015-8804 | x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors. | Ubuntu_linux, Nettle, Leap, Opensuse | 9.8 | ||
| 2016-02-23 | CVE-2015-8803 | The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015-8805. | Ubuntu_linux, Nettle, Leap, Opensuse | 9.8 |