Denial Of Service (DoS)

2019-10-1401:51:28

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.002 Low

EPSS

Percentile

57.2%

JSON

python-ecdsa is vulnerable to denial of service. The package raises unexpected exceptions when a DER signature is malformed, allowing a remote attacker to crash the application by submitting malicious DER signature.

CPENameOperatorVersion
ecdsale0.13.2
python-ecdsaeq0.11__4.el7
python-ecdsaeq0.11__4.el7ost
python-ecdsaeq0.11__3.el7
python-ecdsaeq0.11__3.el7ost
python-ecdsaeq0.13.3__1.el7
python-ecdsaeq0.11__3.el7aos
python-ecdsaeq0.11__3.el7.centos

Name	Operator	Version
ecdsa	le	0.13.2
python-ecdsa	eq	0.11__4.el7
python-ecdsa	eq	0.11__4.el7ost
python-ecdsa	eq	0.11__3.el7
python-ecdsa	eq	0.11__3.el7ost
python-ecdsa	eq	0.13.3__1.el7
python-ecdsa	eq	0.11__3.el7aos
python-ecdsa	eq	0.11__3.el7.centos