CVE-2021-3580

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
05/08/2021
Last modified:
16/01/2024

Description

A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:nettle_project:nettle:*:*:*:*:*:*:*:* 3.7.3 (excluding)
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*