VYPR

rpm package

suse/python-ecdsa&distro=SUSE Linux Enterprise Module for Package Hub 15

pkg:rpm/suse/python-ecdsa&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015

Vulnerabilities (2)

  • CVE-2019-14859Jan 2, 2020
    affected < 0.13.3-3.3.1fixed 0.13.3-3.3.1

    A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could

  • CVE-2019-14853Nov 26, 2019
    affected < 0.13.3-3.3.1fixed 0.13.3-3.3.1

    An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service.