Vulnerabilities > Nettle Project > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-05 | CVE-2021-3580 | A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. | 7.5 |
| 2021-04-05 | CVE-2021-20305 | Out-of-bounds Write vulnerability in multiple products A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. | 8.1 |
| 2017-04-14 | CVE-2016-6489 | Information Exposure Through Discrepancy vulnerability in multiple products The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack. | 7.5 |