Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2024/02/24 6:30 a.m.4 views

bakers-registry (>=0.1.1 <=0.1.7), bitcoinlib (>=0.5.1 <=0.6.3) +12 more potentially affected by CVE-2024-21502 via fastecdsa (>=1.6.4 <=2.3.0)

fastecdsa PYPI version =1.6.4, =0.1.1, =0.5.1, =0.1.0, =0.7.3, =0.1.1, =0.1.0, =2.0.0, =0.1.0a28, =1.0.1, =1.0.0, =0.1.0, =0.4.3 - xchainpy-bitcoin =0.1.2 Source cves: CVE-2024-21502 Source advisory: OSV:GHSA-PH86-G9R3-5QW4...

7.5CVSS7.1AI score0.01025EPSS
Exploits1
Circl
Circl
added 2024/02/24 6:26 a.m.11 views

CVE-2024-21502

creationtimestamp| type| source ---|---|--- 2024-02-24 06:26:26+00:00| seen| https://t.me/ctinow/192438 2024-02-24 06:26:32+00:00| seen| https://t.me/ctinow/192441 2025-02-12 19:10:19+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/4131 2025-02-12 22:09:52+00:00|...

7.5CVSS7.3AI score0.01025EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2024/02/24 5:15 a.m.9 views

bakers-registry (>=0.1.1 <=0.1.7), bitcoinlib (>=0.5.1 <=0.6.3) +12 more potentially affected by CVE-2024-21502 via fastecdsa (>=1.6.4 <=2.3.0)

fastecdsa PYPI version =1.6.4, =0.1.1, =0.5.1, =0.1.0, =0.7.3, =0.1.1, =0.1.0, =2.0.0, =0.1.0a28, =1.0.1, =1.0.0, =0.1.0, =0.4.3 - xchainpy-bitcoin =0.1.2 Source cves: CVE-2024-21502 Source advisory: OSV:PYSEC-2024-39...

7.5CVSS7.1AI score0.01025EPSS
Exploits1
CVE
CVE
added 2024/02/24 5:0 a.m.132 views

CVE-2024-21502

CVE-2024-21502 affects the fastecdsa library prior to 2.3.2. The root cause is a Use of Uninitialized Variable on the stack in the curvemath_mul function (src/curveMath.c), where a value is interpreted as a user-defined type. Depending on the value, an attacker-controlled stack can cause arbitrar...

7.5CVSS7.5AI score0.01025EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2024/02/24 5:0 a.m.66 views

CVE-2024-21502

Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...

7.5CVSS7.7AI score0.01025EPSS
Exploits1References4
Rows per page
Query Builder