VYPR

rpm package

suse/python-ecdsa&distro=SUSE OpenStack Cloud Crowbar 9

pkg:rpm/suse/python-ecdsa&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209

Vulnerabilities (2)

  • CVE-2019-14859Jan 2, 2020
    affected < 0.13.3-5.10.1fixed 0.13.3-5.10.1

    A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could

  • CVE-2019-14853Nov 26, 2019
    affected < 0.13.3-5.10.1fixed 0.13.3-5.10.1

    An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service.