ecdsa@0.15 vulnerabilities
ECDSA cryptographic signature library (pure python)
-
latest version
0.18.0
-
first published
13 years ago
-
latest version published
2 years ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the ecdsa package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
ecdsa is an easy-to-use implementation of ECDSA cryptography (Elliptic Curve Digital Signature Algorithm), implemented purely in Python, released under the MIT license. Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data due to insufficient protection. For a sophisticated attacker observing just one operation with a private key will be sufficient to completely reconstruct the private key. Note: Fixes for side-channel vulnerabilities will not be developed. How to fix Missing Encryption of Sensitive Data? There is no fixed version for |
[0,)
|
ecdsa is an easy-to-use implementation of ECDSA cryptography (Elliptic Curve Digital Signature Algorithm), implemented purely in Python, released under the MIT license. Affected versions of this package are vulnerable to Timing Attack via the Notes:
How to fix Timing Attack? There is no fixed version for |
[0,)
|