FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

security/py-ecdsa -- multiple issues

Affected packages
py27-ecdsa <= 0.13.3
py37-ecdsa <= 0.13.3


VuXML ID a23ebf36-e8b6-4665-b0f3-4c977f9a145c
Discovery 2019-10-07
Entry 2020-08-16

py-ecdsa developers report:

Fix CVE-2019-14853 - possible DoS caused by malformed signature decoding.

Fix CVE-2019-14859 - signature malleability caused by insufficient checks of DER encoding


CVE Name CVE-2019-14853
CVE Name CVE-2019-14859