rpm package
suse/libnettle&distro=SUSE Linux Enterprise Software Development Kit 12
pkg:rpm/suse/libnettle&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-8805 | Cri | 9.8 | < 2.7.1-9.1 | 2.7.1-9.1 | Feb 23, 2016 | The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerab | |
| CVE-2015-8804 | Cri | 9.8 | < 2.7.1-9.1 | 2.7.1-9.1 | Feb 23, 2016 | x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors. | |
| CVE-2015-8803 | Cri | 9.8 | < 2.7.1-9.1 | 2.7.1-9.1 | Feb 23, 2016 | The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerab |
- affected < 2.7.1-9.1fixed 2.7.1-9.1
The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerab
- affected < 2.7.1-9.1fixed 2.7.1-9.1
x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors.
- affected < 2.7.1-9.1fixed 2.7.1-9.1
The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerab