CVE-2021-20305 log

Severity High
Remote Yes
Type Signature forgery
A security issue was found in Nettle, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation.
Group Package Affected Fixed Severity Status Ticket
AVG-1763 nettle 3.7.1-1 3.7.2-1 High Fixed