Описание
An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| python-ecdsa | fixed | 0.13.3-1 | package |
Примечания
https://github.com/warner/python-ecdsa/issues/114
Upstream patches:
https://github.com/warner/python-ecdsa/pull/115
https://github.com/warner/python-ecdsa/pull/124
Fix for CVE-2019-14853 fixes as well CVE-2019-14859.
EPSS
Связанные уязвимости
An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service.
An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service.
An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service.
ecdsa Denial of Service vulnerability in signature verification and signature malleability
Уязвимость криптографической библиотеки Python ECDSA, связанная с недостаточной обработкой исключительных состояний, позволяющая нарушителю вызвать отказ в обслуживании
EPSS