Vulnerabilities > Nettle Project > Nettle > 3.2

DATE CVE VULNERABILITY TITLE RISK
2021-08-05 CVE-2021-3580 A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext.
network
low complexity
nettle-project redhat debian netapp
7.5
2021-04-05 CVE-2021-20305 Out-of-bounds Write vulnerability in multiple products
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results.
8.1
2018-12-03 CVE-2018-16869 Information Exposure Through Discrepancy vulnerability in Nettle Project Nettle
A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS#1 v1.5 data.
high complexity
nettle-project CWE-203
5.7
2017-04-14 CVE-2016-6489 Information Exposure Through Discrepancy vulnerability in multiple products
The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.
network
low complexity
redhat canonical nettle-project CWE-203
7.5