PT-2024-19822
Name of the Vulnerable Software and Affected Versions ecdsa versions 0.18.0 and prior Description The ecdsa PyPI package, a pure Python implementation of ECC Elliptic Curve Cryptography, is affected by a Minerva timing attack on the P-256 curve. This attack can leak the internal nonce when using...