VYPR

rpm package

opensuse/python-ecdsa&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/python-ecdsa&distro=openSUSE%20Tumbleweed

Vulnerabilities (4)

  • CVE-2026-33936MedMar 27, 2026
    affected < 0.19.2-1.1fixed 0.19.2-1.1

    The `ecdsa` PyPI package is a pure Python implementation of ECC (Elliptic Curve Cryptography) with support for ECDSA (Elliptic Curve Digital Signature Algorithm), EdDSA (Edwards-curve Digital Signature Algorithm) and ECDH (Elliptic Curve Diffie-Hellman). Prior to version 0.19.2,

  • CVE-2022-0778HigMar 15, 2022
    affected < 0.18.0-1.1fixed 0.18.0-1.1

    The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curv

  • CVE-2019-14859Jan 2, 2020
    affected < 0.16.1-1.5fixed 0.16.1-1.5

    A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could

  • CVE-2019-14853Nov 26, 2019
    affected < 0.16.1-1.5fixed 0.16.1-1.5

    An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service.