Lucene search
K

8 matches found

OSV
OSV
added 2016/02/23 7:59 p.m.9 views

CVE-2015-8803

The ecc256modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...

9.8CVSS9.7AI score
Exploits0References14
Prion
Prion
added 2016/02/23 7:59 p.m.24 views

Design/Logic Flaw

The ecc256modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...

7.5CVSS9.5AI score0.04212EPSS
Exploits0References10Affected Software4
Prion
Prion
added 2016/02/23 7:59 p.m.26 views

Design/Logic Flaw

The ecc256modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...

7.5CVSS9.5AI score0.04212EPSS
Exploits0References14Affected Software4
Cvelist
Cvelist
added 2016/02/23 7:0 p.m.37 views

CVE-2015-8803

The ecc256modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...

8.7AI score0.04212EPSS
Exploits0References14
CVE
CVE
added 2016/02/23 7:0 p.m.86 views

CVE-2015-8803

CVE-2015-8803 affects the nettle library: the ecc_256_modp implementation for P-256 may propagate carries incorrectly in nettle before version 3.2, producing incorrect output and potentially allowing unspecified impact. Multiple Nessus reports and advisories (MiracleLinux AXSA-2016-1108, EulerOS ...

9.8CVSS8.6AI score0.04212EPSS
Exploits0References14Affected Software1
CVE
CVE
added 2016/02/23 7:0 p.m.89 views

CVE-2015-8805

Summary. The CVE-2015-8805 issue affects the nettle cryptographic library prior to version 3.2. The vulnerability is in the elliptic-curve implementation for P-256: the ecc_256_modq function in ecc-256.c does not properly handle carry propagation, producing incorrect output. This is documented al...

9.8CVSS8.6AI score0.02791EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2016/02/09 7:5 p.m.7 views

MGASA-2016-0061 Updated nettle packages fix security vulnerabilities

Updated nettle2.7 and nettle packages fix security vulnerabilities: Two carry propagation bugs in elliptic curve scalar multiplications that affect the NIST P-256 curve. The bugs are in the C code and affect multiple architectures CVE-2015-8803, CVE-2015-8805. A carry propagation bug in elliptic...

9.8CVSS9.7AI score0.04212EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2015/12/31 12:0 a.m.32 views

CVE-2015-8803

The ecc256modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...

9.8CVSS7.1AI score0.04212EPSS
Exploits0References6
Rows per page
Query Builder