{"id":"CVE-2023-36660","details":"The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.","modified":"2026-04-10T05:01:23.090082Z","published":"2023-06-25T22:15:21.337Z","related":["openSUSE-SU-2024:13024-1"],"references":[{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202401-24"},{"type":"FIX","url":"https://bugzilla.suse.com/show_bug.cgi?id=1212112"},{"type":"FIX","url":"https://git.lysator.liu.se/nettle/nettle/-/commit/867a4548b95705291a3afdd66d76e7f17ba2618f"},{"type":"FIX","url":"https://git.lysator.liu.se/nettle/nettle/-/compare/nettle_3.9_release_20230514...nettle_3.9.1_release_20230601"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.lysator.liu.se/nettle/nettle","events":[{"introduced":"0"},{"fixed":"d2cc9b95b50440c331ee143312309951a7e8d7ca"}],"database_specific":{"versions":[{"introduced":"3.9"},{"fixed":"3.9.1"}]}}],"versions":["after_experimental_merge_20060516","before_experimental_branch_20050201","camellia_32bit_20100720","converted-master-branch-to-git","des_and_blowfish_compiles_19981216","head_before_experimental_merge_20060516","integrated_crypto_toolkit_19980903","moving_files_to_src_now","nettle_1.0_release_20010925","nettle_1.10_release_20040305","nettle_1.11_release_20041026","nettle_1.12_release_20041104","nettle_1.13_release_20051006","nettle_1.14_release_20051205","nettle_1.15_release_20061128","nettle_1.5_release_20020131","nettle_1.6_release_20021003","nettle_1.7_release_20030311","nettle_1.8_release_20040110","nettle_1.9_release_20040207","nettle_2.0_release_20090608","nettle_2.1_release_20100725","nettle_2.2_release_20110711","nettle_2.3_release_20110902","nettle_2.4_release_20110903","nettle_2.5_release_20120707","nettle_2.7_release_20130424","nettle_3.0_release_20140607","nettle_3.1.1_release_20150424","nettle_3.1_release_20150407","nettle_3.1rc1","nettle_3.1rc2","nettle_3.1rc3","nettle_3.2_release_20160128","nettle_3.3_release_20161001","nettle_3.4_release_20171119","nettle_3.4rc1","nettle_3.4rc2","nettle_3.5.1_release_20190627","nettle_3.5_release_20190626","nettle_3.5rc1","nettle_3.6_release_20200429","nettle_3.6rc1","nettle_3.6rc2","nettle_3.6rc3","nettle_3.7.1_release_20210217","nettle_3.7_release_20210104","nettle_3.7rc1","nettle_3.8_release_20220602","nettle_3.9_release_20230514","release_nettle_0.2.20010617"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"3.9"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-36660.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}