fastecdsa

PyPI2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting fastecdsapage 1 of 1

CVE-2020-12607HIGHCVSS 7.5EG 7.5✓ Fixed in 2.1.2
2020-06-02
vulnerable: 1.0.0b1 ... 2.1.1 (33 versions)
An issue was discovered in fastecdsa before 2.1.2. When using the NIST P-256 curve in the ECDSA implementation, the point at infinity is mishandled. This means that for an extreme value in k and s^-1, the signature verification fails even …
CVE-2024-21502HIGHCVSS 7.5EG 7.5✓ Fixed in 2.3.2
2024-02-24
vulnerable: 1.0.0b1 ... 2.3.1 (43 versions)
Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemath_mul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variab…

Check whether fastecdsa is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for fastecdsa CVEs against the assets you own.

Start Free Scan →