5 matches found
python-ecdsa: Denial of Service via improper DER length validation in crafted private keys
...
CVE-2026-33936 python-ecdsa: Denial of Service via improper DER length validation in crafted private keys
The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Prior to version 0.19.2, an issue in the low-level D...
CVE-2026-33936 python-ecdsa: Denial of Service via improper DER length validation in crafted private keys
The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Prior to version 0.19.2, an issue in the low-level D...
New Infinite Loop Bug in OpenSSL Could Let Attackers Crash Remote Servers
The maintainers of OpenSSL have shipped patches to resolve a high-severity security flaw in its software library that could lead to a denial-of-service DoS condition when parsing certificates. Tracked as CVE-2022-0778 CVSS score: 7.5, the issue stems from parsing a malformed certificate with...
Important: openssl
Issue Overview: The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve...