nettle

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A low-level cryptographic library
Version 3.7.3-1 [core]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2052 3.7.2-1 3.7.3-1 Medium Fixed
AVG-1763 3.7.1-1 3.7.2-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2021-20305 AVG-1763 High Yes Signature forgery
A security issue was found in Nettle, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve...
CVE-2021-3580 AVG-2052 Medium Yes Denial of service
Multiple issues were found with Nettle's RSA decryption functions before version 3.7.3. These can be triggered by providing manipulated ciphertext and could...

Advisories

Date Advisory Group Severity Type
09 Jun 2021 ASA-202106-28 AVG-2052 Medium denial of service