5 matches found
CVE-2021-43572
The verify function in the Stark Bank Python ECDSA library aka starkbank-escada or ecdsa-python before 2.0.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...
c7n-mailer (>=0.6.4 <=0.6.12), jesse (>=2.2.0 <=2.3.4) +7 more potentially affected by CVE-2021-43572 via starkbank-ecdsa (>=1.0.0 <=1.1.1)
starkbank-ecdsa PYPI version =1.0.0, =0.6.4, =2.2.0, =1.0.1, =1.0.1, =1.3.0, =6.8.3, =6.9.0 - starkbank =0.1.0 Source cves: CVE-2021-43572 Source advisory: OSV:GHSA-92VM-MXJF-JQF3...
c7n-mailer (>=0.6.4 <=0.6.12), jesse (>=2.2.0 <=2.3.4) +7 more potentially affected by CVE-2021-43572 via starkbank-ecdsa (>=1.0.0 <=1.1.1)
starkbank-ecdsa PYPI version =1.0.0, =0.6.4, =2.2.0, =1.0.1, =1.0.1, =1.3.0, =6.8.3, =6.9.0 - starkbank =0.1.0 Source cves: CVE-2021-43572 Source advisory: OSV:PYSEC-2021-426...
CVE-2021-43572
The verify function in the Stark Bank Python ECDSA library aka starkbank-escada or ecdsa-python before 2.0.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...
CVE-2021-43572
The CVE-2021-43572 entry documents a vulnerability in the Stark Bank Python ECDSA library (starkbank-escada/ecdsa-python) where the verify function before version 2.0.1 fails to ensure signatures are non-zero, allowing an attacker to forge signatures on arbitrary messages. Affected software: Star...