AZL-6741 CVE-2021-3580 affecting package nettle for versions less than 3.7.3-1

🗓️ 05 Aug 2021 21:15:12Reported by GoogleType

osv🔗 osv.dev👁 1 Views

AZL-6741: Nettle asymmetric decryption flaw with crafted ciphertext causes crash and denial of service in versions below 3.7.3-1.

Reporter	Title	Published	Views	Family All 138
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities found in open source code that is shipped with IBM Security Verify Governance, Identity Manager virtual appliance component	20 Jul 202215:54	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Connect:Direct for UNIX Certified Container is affected by multiple vulnerabilities in Red Hat Universal Base Image version 8.4-206.1626828523 and Binutils version 2.30-93	14 Mar 202220:12	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from gzip, jackson-databind, libssh, gnutls, nettle and zlib	25 May 202214:55	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM is vulnerable to using components with Known Vulnerabilities	25 Apr 202214:44	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities	12 Jan 202317:22	–	ibm
ATTACKERKB	CVE-2021-3580	5 Aug 202121:15	–	attackerkb
Tenable Nessus	AlmaLinux 8 : gnutls and nettle (ALSA-2021:4451)	9 Feb 202200:00	–	nessus
Tenable Nessus	CentOS 8 : gnutls and nettle (CESA-2021:4451)	11 Nov 202100:00	–	nessus
Tenable Nessus	Debian DLA-2760-1 : nettle - LTS security update	19 Sep 202100:00	–	nessus
Tenable Nessus	Debian DSA-4933-1 : nettle - security update	21 Jun 202100:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-3580

21 Apr 2026 04:38Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.17.5

EPSS0.00104