Published: 23/01/2024 Updated: 06/02/2024

CVSS v3 Base Score: 7.4 | Impact Score: 5.2 | Exploitability Score: 2.2

VMScore: 0

The `ecdsa` PyPI package is a pure Python implementation of ECC (Elliptic Curve Cryptography) with support for ECDSA (Elliptic Curve Digital Signature Algorithm), EdDSA (Edwards-curve Digital Signature Algorithm) and ECDH (Elliptic Curve Diffie-Hellman). Versions 0.18.0 and prior are vulnerable to the Minerva attack. As of time of publication, no known patched version exists.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tlsfuzzer ecdsa

DescriptionA flaw was found in the `ecdsa` PyPI package, a pure Python implementation of ECC (Elliptic Curve Cryptography) with support for ECDSA (Elliptic Curve Digital Signature Algorithm), EdDSA (Edwards-curve Digital Signature Algorithm) and ECDH (Elliptic Curve Diffie-Hellman) Versions 0180 and prior may be vulnerable to the Minerva ...

Dummy project for learning purposes. A Fastapi - Flask blog application.

DUMMY APP FOR LEARNING PURPOSES This is dummy blog application I'm still working on it The FrontEnd is based a startbootstrap's template (startbootstrapcom/) I focus more on technologies and how bind it for a project This is the aim So for example, typically the FrontEnd will change, but i do not pay much attention to the HTML-CSS part About Vault and s

CWE-203 CWE-208 CWE-385 https://github.com/tlsfuzzer/python-ecdsa/security/advisories/GHSA-wj6h-64fc-37mp https://github.com/tlsfuzzer/python-ecdsa/blob/master/SECURITY.md https://minerva.crocs.fi.muni.cz/https://securitypitfalls.wordpress.com/2018/08/03/constant-time-compare-in-python/https://nvd.nist.gov https://github.com/memphis-tools/dummy_fastapi_flask_blog_app https://access.redhat.com/security/cve/cve-2024-23342

CVE-2024-23342

Vulnerability Summary

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect