Skip to main content
CVE-2015-8803 CRITICAL PATCH Act Now

The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.3%.

Information Disclosure Nettle Ubuntu Linux Leap Opensuse
NVD
CVSS 3.0
9.8
EPSS
12.3%
CVE-2015-8804 CRITICAL PATCH Act Now

x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.9%.

Information Disclosure Nettle Ubuntu Linux Leap Opensuse
NVD
CVSS 3.0
9.8
EPSS
11.9%
CVE-2015-8805 CRITICAL PATCH Act Now

The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Nettle Ubuntu Linux Leap Opensuse
NVD
CVSS 3.0
9.8
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy