CVE-2026-33936
Description
The ecdsa PyPI package is a pure Python implementation of ECC (Elliptic Curve Cryptography) with support for ECDSA (Elliptic Curve Digital Signature Algorithm), EdDSA (Edwards-curve Digital Signature Algorithm) and ECDH (Elliptic Curve Diffie-Hellman). Prior to version 0.19.2, an issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions. ecdsa.der.remove_octet_string() accepts truncated DER where the encoded length exceeds the available buffer. For example, an OCTET STRING that declares a length of 4096 bytes but provides only 3 bytes is parsed successfully instead of being rejected. Because of that, a crafted DER input can cause SigningKey.from_der() to raise an internal exception (IndexError: index out of bounds on dimension 1) rather than cleanly rejecting malformed DER (e.g., raising UnexpectedDER or ValueError). Applications that parse untrusted DER private keys may crash if they do not handle unexpected exceptions, resulting in a denial of service. Version 0.19.2 patches the issue.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ecdsaPyPI | < 0.19.2 | 0.19.2 |
Affected products
1Patches
1bd66899550d7Merge commit from fork
2 files changed · +26 −0
src/ecdsa/der.py+6 −0 modified@@ -163,6 +163,8 @@ def remove_constructed(string): ) tag = s0 & 0x1F length, llen = read_length(string[1:]) + if length > len(string) - 1 - llen: + raise UnexpectedDER("Length longer than the provided buffer") body = string[1 + llen : 1 + llen + length] rest = string[1 + llen + length :] return tag, body, rest @@ -206,6 +208,8 @@ def remove_implicit(string, exp_class="context-specific"): tag = s0 & 0x1F length, llen = read_length(string[1:]) + if length > len(string) - 1 - llen: + raise UnexpectedDER("Length longer than the provided buffer") body = string[1 + llen : 1 + llen + length] rest = string[1 + llen + length :] return tag, body, rest @@ -229,6 +233,8 @@ def remove_octet_string(string): n = str_idx_as_int(string, 0) raise UnexpectedDER("wanted type 'octetstring' (0x04), got 0x%02x" % n) length, llen = read_length(string[1:]) + if length > len(string) - 1 - llen: + raise UnexpectedDER("Length longer than the provided buffer") body = string[1 + llen : 1 + llen + length] rest = string[1 + llen + length :] return body, rest
src/ecdsa/test_der.py+20 −0 modified@@ -600,3 +600,23 @@ def test_oids(ids): decoded_oid, rest = remove_object(encoded_oid) assert rest == b"" assert decoded_oid == ids + +def test_remove_octet_string_rejects_truncated_length(): + # OCTET STRING: declared length 4096, but only 3 bytes present + bad = b"\x04\x82\x10\x00" + b"ABC" + with pytest.raises(UnexpectedDER, match="Length longer than the provided buffer"): + remove_octet_string(bad) + +def test_remove_constructed_rejects_truncated_length(): + # Constructed tag: 0xA0 (context-specific constructed, tag=0) + # declared length 4096, but only 3 bytes present + bad = b"\xA0\x82\x10\x00" + b"ABC" + with pytest.raises(UnexpectedDER, match="Length longer than the provided buffer"): + remove_constructed(bad) + +def test_remove_implicit_rejects_truncated_length(): + # IMPLICIT primitive context-specific tag 0: 0x80 + # declared length 4096, but only 3 bytes present + bad = b"\x80\x82\x10\x00" + b"ABC" + with pytest.raises(UnexpectedDER, match="Length longer than the provided buffer"): + remove_implicit(bad)
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- github.com/tlsfuzzer/python-ecdsa/commit/bd66899550d7185939bf27b75713a2ac9325a9d3nvdPatchWEB
- github.com/tlsfuzzer/python-ecdsa/security/advisories/GHSA-9f5j-8jwj-x28gnvdExploitMitigationVendor AdvisoryWEB
- github.com/advisories/GHSA-9f5j-8jwj-x28gghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2026-33936ghsaADVISORY
- github.com/tlsfuzzer/python-ecdsa/releases/tag/python-ecdsa-0.19.2nvdProductRelease NotesWEB
News mentions
0No linked articles in our index yet.