← Back

CVE-2021-3580

nvd nist
Published: Aug 5, 2021Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.

Affected (5)

Show all products
Nettle Project: Nettle · Redhat: Enterprise Linux · Debian: Debian Linux · Netapp: Ontap Select Deploy Administration Utility
Nettle Project
1 product
Nettle
Redhat
1 product
Enterprise Linux
Debian
1 product
Debian Linux
Netapp
1 product
Ontap Select Deploy Administration Utility
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Nettle
Before 3.7.3
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Redhat
Enterprise Linux
Version 7.0
Enterprise Linux
Version 8.0
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Debian Linux
Version 9.0
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Ontap Select Deploy Administration Utility
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (8)

Source: secalert@redhat.com
Issue TrackingPatchThird Party Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.