DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2024-23342

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-23342

CGA ID

CGA-784x-g2x6-j7vm

Severity

7.4

High

CVSS V3

Description

The ecdsa PyPI package is a pure Python implementation of ECC (Elliptic Curve Cryptography) with support for ECDSA (Elliptic Curve Digital Signature Algorithm), EdDSA (Edwards-curve Digital Signature Algorithm) and ECDH (Elliptic Curve Diffie-Hellman). Versions 0.18.0 and prior are vulnerable to the Minerva attack. As of time of publication, no known patched version exists.

References

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images