nettle
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | A low-level cryptographic library |
| Version | 3.10-1 [core] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2052 | 3.7.2-1 | 3.7.3-1 | Medium | Fixed | |
| AVG-1763 | 3.7.1-1 | 3.7.2-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-20305 | AVG-1763 | High | Yes | Signature forgery | A security issue was found in Nettle, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve... |
| CVE-2021-3580 | AVG-2052 | Medium | Yes | Denial of service | Multiple issues were found with Nettle's RSA decryption functions before version 3.7.3. These can be triggered by providing manipulated ciphertext and could... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 09 Jun 2021 | ASA-202106-28 | AVG-2052 | Medium | denial of service |