27 matches found
Unity Linux 20.1060e / 20.1070e Security Update: nettle (UTSA-2026-016616)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016616 advisory. A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions GOST DSA, EDDSA & ECDSA result in the Elliptic Curve...
Unity Linux 20.1060e / 20.1070e Security Update: nettle (UTSA-2026-016652)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016652 advisory. A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated cipherte...
Astra Linux - vulnerability in nettle
A flaw was discovered in Nettle versions prior to 3.7.2. In these versions, several Nettle signature verification functions (GOST DSA, EDDSA, and ECDSA) result in the Elliptic Curve Cryptography (ECC) point multiply function being called with out-of-range scalars. This may lead to incorrect results...
Astra Linux - vulnerability in nettle
A flaw was discovered in the way Nettle’s RSA decryption functions handled specially crafted ciphertext. An attacker could exploit this flaw to deliver manipulated ciphertext, resulting in application crashes and denial of service...
MiracleLinux 7 : nettle-2.7.1-9.el7 (AXSA:2021-1651:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1651:01 advisory. nettle: Out of bounds memory access in signature verification CVE-2021-20305 Tenable has extracted the preceding description block directly from the...
MiracleLinux 8 : gnutls-3.6.16-4.el8, nettle-3.4.1-7.el8 (AXSA:2021-2630:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2630:02 advisory. nettle: Remote crash in RSA decryption via manipulated ciphertext CVE-2021-3580 gnutls: Use after free in client keyshare extension CVE-2021-20231...
EUVD-2015-8674
Malware in sbrugna...
EUVD-2021-7730
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-20305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions GOST DSA, EDDSA & ECDSA result in the Elliptic Curve...
TencentOS Server 3: nettle (TSSA-2022:0214)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0214 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Alibaba Cloud Linux 3 : 0029: gnutls and nettle (ALINUX3-SA-2021:0029)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0029 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-20305: A flaw was found in Nettle in...
F5 Networks BIG-IP : Nettle vulnerability (K45616155)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K45616155 advisory. - A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion ...
K45616155: Nettle vulnerability CVE-2018-16869
Security Advisory Description A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS1 v1.5 data. An attacker who is able to run a process on the same physical core as the victim process, could use this flaw extrac...
NewStart CGSL CORE 5.05 / MAIN 5.05 : nettle Vulnerability (NS-SA-2022-0039)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has nettle packages installed that are affected by a vulnerability: - A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions GOST DSA, EDDSA & ECDSA result in the Elliptic Cur...
ROS-2-2167
2.2167 Nettle library vulnerability CVE-2021-20305 1. Vulnerability Description: A vulnerability in the Nettle library involving the use of a failed cryptographic algorithm and allowing a remote attacker who has not been authenticated to execute arbitrary code. Identifier of the Information Securit...
nettle: Out of bounds memory access in signature verification
A flaw was found in Nettle, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography (ECC) point multiply function being called with out-of-range scalars, possibly resulting in incorrect results. This flaw allows an attacker to force an...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Nettle vulnerability (USN-4906-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4906-1 advisory. It was discovered that Nettle incorrectly handled signature verification. A remote attacker could use this issue to cause Nettle to crash,...
USN-4906-1: Nettle vulnerability
It was discovered that Nettle incorrectly handled signature verification. A remote attacker could use this issue to cause Nettle to crash, resulting in a denial of service, or possibly force invalid signatures...
USN-4906-1 nettle vulnerability
It was discovered that Nettle incorrectly handled signature verification. A remote attacker could use this issue to cause Nettle to crash, resulting in a denial of service, or possibly force invalid signatures...
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography (ECC) point multiply function being called with out-of-range scalars, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
...