Lucene search
GoogleOSV:CVE-2021-43569HistoryNov 09, 2021 - 10:15 p.m.
CVE-2021-43569
2021-11-0922:15:07
Google
osv.dev
6
The verify function in the Stark Bank .NET ECDSA library (ecdsa-dotnet) 1.3.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ecdsa-dotnet | eq | 1.1.0 | |
| ecdsa-dotnet | eq | 1.0.0 | |
| ecdsa-dotnet | eq | 1.2.0 | |
| ecdsa-dotnet | eq | 1.2.1 | |
| ecdsa-dotnet | eq | 1.3.1 | |
| ecdsa-dotnet | eq | 1.3.0 | |
| ecdsa-dotnet | eq | 1.3.2 |
Related
nvd
nvd
CVE-2021-43569
2021-11-09 22:15:07
cvelist
cvelist
CVE-2021-43569
2021-11-09 21:05:06
github
github
Improper Verification of Cryptographic Signature in starkbank-ecdsa
2021-11-10 20:58:03
osv
osv
Improper Verification of Cryptographic Signature in starkbank-ecdsa
2021-11-10 20:58:03
veracode
veracode
Signature Verification Bypass
2021-11-11 07:13:43
prion
prion
Design/Logic Flaw
2021-11-09 22:15:00
cve
cve
CVE-2021-43569
2021-11-09 22:15:07
