Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJtcmotNDM1di1jMmNy

Duplicate Advisory: possible DoS caused by malformed signature decoding in Pure-Python ECDSA

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-pwfw-mgfj-7g3g. This link is maintained to preserve external references.

Permalink: https://github.com/advisories/GHSA-2mrj-435v-c2cr
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJtcmotNDM1di1jMmNy
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 5 years ago
Updated: 3 months ago

Widthdrawn: over 4 years ago

Identifiers: GHSA-2mrj-435v-c2cr
References:

Repository: https://github.com/warner/python-ecdsa
Blast Radius: 0.0

Affected Packages

pypi:ecdsa

Dependent packages: 252
Dependent repositories: 15,243
Downloads: 14,861,285 last month
Affected Version Ranges: < 0.13.3
Fixed in: 0.13.3
All affected versions: 0.13.1, 0.13.2
All unaffected versions: 0.13.3, 0.14.1, 0.16.0, 0.16.1, 0.17.0, 0.18.0, 0.19.0