CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-8804

x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.076

EPSS Ranking 91.4%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2015-8804

Nettle Project » Nettle » Version: N/A

cpe:2.3:a:nettle_project:nettle:-
Nettle Project » Nettle » Version: 2.0

cpe:2.3:a:nettle_project:nettle:2.0
Nettle Project » Nettle » Version: 2.1

cpe:2.3:a:nettle_project:nettle:2.1
Nettle Project » Nettle » Version: 2.2

cpe:2.3:a:nettle_project:nettle:2.2
Nettle Project » Nettle » Version: 2.3

cpe:2.3:a:nettle_project:nettle:2.3
Nettle Project » Nettle » Version: 2.4

cpe:2.3:a:nettle_project:nettle:2.4
Nettle Project » Nettle » Version: 2.5

cpe:2.3:a:nettle_project:nettle:2.5
Nettle Project » Nettle » Version: 2.6

cpe:2.3:a:nettle_project:nettle:2.6
Nettle Project » Nettle » Version: 2.7

cpe:2.3:a:nettle_project:nettle:2.7
Nettle Project » Nettle » Version: 3.0

cpe:2.3:a:nettle_project:nettle:3.0
Nettle Project » Nettle » Version: 3.1

cpe:2.3:a:nettle_project:nettle:3.1
Nettle Project » Nettle » Version: 3.1.1

cpe:2.3:a:nettle_project:nettle:3.1.1
Canonical » Ubuntu Linux » Version: 14.04

cpe:2.3:o:canonical:ubuntu_linux:14.04
Canonical » Ubuntu Linux » Version: 15.10

cpe:2.3:o:canonical:ubuntu_linux:15.10
Opensuse » Leap » Version: 42.1

cpe:2.3:o:opensuse:leap:42.1
Opensuse » Opensuse » Version: 13.1

cpe:2.3:o:opensuse:opensuse:13.1
Opensuse » Opensuse » Version: 13.2

cpe:2.3:o:opensuse:opensuse:13.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-8804

Products

Pricing

Contact Us