CVE-2026-33936

CVE-2026-33936 affects the Python package python-ecdsa (pre-0.19.2). A flaw in the low-level DER parsing (remove_octet_string) can cause generated truncated DER inputs to be accepted, allowing SigningKey.from_der() to raise an internal IndexError instead of rejecting malformed data, potentially c...

SUSE-SU-2023:4957-1 Security update for libcryptopp

This update for libcryptopp fixes the following issues: - CVE-2023-50980: Fixed DoS via malformed DER public key file bsc1218219...

Crypto++ Security Vulnerability

Crypto++ is a C++ cryptographic method library A security vulnerability exists in Crypto++ version 8.9.0, which stems from a security issue in the ModularSquareRoot function that results in an infinite loop. An attacker exploiting this vulnerability may be able to create an incorrectly formatted...

Denial of service

An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions or no exceptions at all, which could lead to a denial of service...

UBUNTU-CVE-2019-14853

An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions or no exceptions at all, which could lead to a denial of service...

MGASA-2016-0170 Updated libtasn1 package fixes security vulnerability

Updated libtasn1 packages fix security vulnerability: Pascal Cuoq and Miod Vallat discovered that Libtasn1 incorrectly handled certain malformed DER certificates. A remote attacker could possibly use this issue to cause applications using Libtasn1 to hang, resulting in a denial of service...