Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/ecdsa@0.12
Typepypi
Namespace
Nameecdsa
Version0.12
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version0.19.2
Latest_non_vulnerable_version0.19.2
Affected_by_vulnerabilities
0
url VCID-9pe3-67b4-yqae
vulnerability_id VCID-9pe3-67b4-yqae
summary A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could use a malleable signature to create false transactions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14859.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14859.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14859
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20293
published_at 2026-04-21T12:55:00Z
1
value 0.00065
scoring_system epss
scoring_elements 0.20296
published_at 2026-04-18T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.20291
published_at 2026-04-16T12:55:00Z
3
value 0.00065
scoring_system epss
scoring_elements 0.20303
published_at 2026-04-13T12:55:00Z
4
value 0.00065
scoring_system epss
scoring_elements 0.20361
published_at 2026-04-12T12:55:00Z
5
value 0.00065
scoring_system epss
scoring_elements 0.20309
published_at 2026-04-01T12:55:00Z
6
value 0.00065
scoring_system epss
scoring_elements 0.20377
published_at 2026-04-09T12:55:00Z
7
value 0.00065
scoring_system epss
scoring_elements 0.20318
published_at 2026-04-08T12:55:00Z
8
value 0.00065
scoring_system epss
scoring_elements 0.20238
published_at 2026-04-07T12:55:00Z
9
value 0.00065
scoring_system epss
scoring_elements 0.20512
published_at 2026-04-04T12:55:00Z
10
value 0.00065
scoring_system epss
scoring_elements 0.20453
published_at 2026-04-02T12:55:00Z
11
value 0.00065
scoring_system epss
scoring_elements 0.20406
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14859
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14859
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14859
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14853
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14853
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14859
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14859
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-8qxj-f9rh-9fg2
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-8qxj-f9rh-9fg2
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ecdsa/PYSEC-2020-163.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ecdsa/PYSEC-2020-163.yaml
8
reference_url https://github.com/tlsfuzzer/python-ecdsa/commit/3427fa29f319b27898a28601955807abb44c0830
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/tlsfuzzer/python-ecdsa/commit/3427fa29f319b27898a28601955807abb44c0830
9
reference_url https://github.com/tlsfuzzer/python-ecdsa/commit/9080d1d5ac533da0de00466aaffb49bee808bb4e
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/tlsfuzzer/python-ecdsa/commit/9080d1d5ac533da0de00466aaffb49bee808bb4e
10
reference_url https://github.com/tlsfuzzer/python-ecdsa/commit/b0ea52bb3aa9a16c9a4a91fdc0041edbfed10b31
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/tlsfuzzer/python-ecdsa/commit/b0ea52bb3aa9a16c9a4a91fdc0041edbfed10b31
11
reference_url https://github.com/warner/python-ecdsa
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/warner/python-ecdsa
12
reference_url https://github.com/warner/python-ecdsa/issues/114
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/warner/python-ecdsa/issues/114
13
reference_url https://github.com/warner/python-ecdsa/pull/115
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/warner/python-ecdsa/pull/115
14
reference_url https://github.com/warner/python-ecdsa/releases/tag/python-ecdsa-0.13.3
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/warner/python-ecdsa/releases/tag/python-ecdsa-0.13.3
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14859
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14859
16
reference_url https://pypi.org/project/ecdsa/0.13.3
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/ecdsa/0.13.3
17
reference_url https://pypi.org/project/ecdsa/0.13.3/
reference_id
reference_type
scores
url https://pypi.org/project/ecdsa/0.13.3/
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1760843
reference_id 1760843
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1760843
19
reference_url https://access.redhat.com/errata/RHSA-2021:4702
reference_id RHSA-2021:4702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4702
20
reference_url https://usn.ubuntu.com/4196-1/
reference_id USN-4196-1
reference_type
scores
url https://usn.ubuntu.com/4196-1/
fixed_packages
0
url pkg:pypi/ecdsa@0.13.3
purl pkg:pypi/ecdsa@0.13.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ebg3-6ssf-dkcy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ecdsa@0.13.3
aliases CVE-2019-14859, GHSA-8qxj-f9rh-9fg2, PYSEC-2020-163
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9pe3-67b4-yqae
1
url VCID-acg5-4qjn-sudc
vulnerability_id VCID-acg5-4qjn-sudc
summary A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could use a malleable signature to create false transactions.
references
0
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14859
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14859
1
reference_url https://github.com/warner/python-ecdsa/issues/114
reference_id
reference_type
scores
url https://github.com/warner/python-ecdsa/issues/114
2
reference_url https://github.com/warner/python-ecdsa/releases/tag/python-ecdsa-0.13.3
reference_id
reference_type
scores
url https://github.com/warner/python-ecdsa/releases/tag/python-ecdsa-0.13.3
3
reference_url https://pypi.org/project/ecdsa/0.13.3/
reference_id
reference_type
scores
url https://pypi.org/project/ecdsa/0.13.3/
fixed_packages
0
url pkg:pypi/ecdsa@0.13.3
purl pkg:pypi/ecdsa@0.13.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ebg3-6ssf-dkcy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ecdsa@0.13.3
aliases PYSEC-2020-182
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-acg5-4qjn-sudc
2
url VCID-ebg3-6ssf-dkcy
vulnerability_id VCID-ebg3-6ssf-dkcy
summary 
Minerva timing attack on P-256 in python-ecdsa
python-ecdsa has been found to be subject to a Minerva timing attack on the P-256 curve. Using the `ecdsa.SigningKey.sign_digest()` API function and timing signatures an attacker can leak the internal nonce which may allow for private key discovery. Both ECDSA signatures, key generation, and ECDH operations are affected. ECDSA signature verification is unaffected. The python-ecdsa project considers side channel attacks out of scope for the project and there is no planned fix.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23342.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23342.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-23342
reference_id
reference_type
scores
0
value 0.00622
scoring_system epss
scoring_elements 0.70122
published_at 2026-04-21T12:55:00Z
1
value 0.00622
scoring_system epss
scoring_elements 0.70143
published_at 2026-04-18T12:55:00Z
2
value 0.00622
scoring_system epss
scoring_elements 0.70133
published_at 2026-04-16T12:55:00Z
3
value 0.00622
scoring_system epss
scoring_elements 0.70038
published_at 2026-04-02T12:55:00Z
4
value 0.00622
scoring_system epss
scoring_elements 0.70103
published_at 2026-04-12T12:55:00Z
5
value 0.00622
scoring_system epss
scoring_elements 0.70117
published_at 2026-04-11T12:55:00Z
6
value 0.00622
scoring_system epss
scoring_elements 0.70094
published_at 2026-04-09T12:55:00Z
7
value 0.00622
scoring_system epss
scoring_elements 0.70078
published_at 2026-04-08T12:55:00Z
8
value 0.00622
scoring_system epss
scoring_elements 0.70031
published_at 2026-04-07T12:55:00Z
9
value 0.00622
scoring_system epss
scoring_elements 0.70053
published_at 2026-04-04T12:55:00Z
10
value 0.00622
scoring_system epss
scoring_elements 0.7009
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-23342
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23342
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23342
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/tlsfuzzer/python-ecdsa
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/tlsfuzzer/python-ecdsa
5
reference_url https://github.com/tlsfuzzer/python-ecdsa/blob/master/SECURITY.md
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:35:54Z/
url https://github.com/tlsfuzzer/python-ecdsa/blob/master/SECURITY.md
6
reference_url https://github.com/tlsfuzzer/python-ecdsa/security/advisories/GHSA-wj6h-64fc-37mp
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:35:54Z/
url https://github.com/tlsfuzzer/python-ecdsa/security/advisories/GHSA-wj6h-64fc-37mp
7
reference_url https://minerva.crocs.fi.muni.cz
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://minerva.crocs.fi.muni.cz
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-23342
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-23342
9
reference_url https://securitypitfalls.wordpress.com/2018/08/03/constant-time-compare-in-python
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://securitypitfalls.wordpress.com/2018/08/03/constant-time-compare-in-python
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2259780
reference_id 2259780
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2259780
11
reference_url https://github.com/advisories/GHSA-wj6h-64fc-37mp
reference_id GHSA-wj6h-64fc-37mp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wj6h-64fc-37mp
12
reference_url https://access.redhat.com/errata/RHSA-2024:10806
reference_id RHSA-2024:10806
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10806
13
reference_url https://access.redhat.com/errata/RHSA-2024:1878
reference_id RHSA-2024:1878
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1878
fixed_packages
aliases CVE-2024-23342, GHSA-wj6h-64fc-37mp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ebg3-6ssf-dkcy
3
url VCID-qrf7-gnjg-bfat
vulnerability_id VCID-qrf7-gnjg-bfat
summary An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14853.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14853.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14853
reference_id
reference_type
scores
0
value 0.00068
scoring_system epss
scoring_elements 0.20888
published_at 2026-04-21T12:55:00Z
1
value 0.00068
scoring_system epss
scoring_elements 0.20907
published_at 2026-04-18T12:55:00Z
2
value 0.00068
scoring_system epss
scoring_elements 0.20905
published_at 2026-04-16T12:55:00Z
3
value 0.00068
scoring_system epss
scoring_elements 0.20914
published_at 2026-04-13T12:55:00Z
4
value 0.00068
scoring_system epss
scoring_elements 0.20967
published_at 2026-04-12T12:55:00Z
5
value 0.00068
scoring_system epss
scoring_elements 0.2114
published_at 2026-04-04T12:55:00Z
6
value 0.00068
scoring_system epss
scoring_elements 0.20996
published_at 2026-04-09T12:55:00Z
7
value 0.00068
scoring_system epss
scoring_elements 0.20934
published_at 2026-04-08T12:55:00Z
8
value 0.00068
scoring_system epss
scoring_elements 0.20854
published_at 2026-04-07T12:55:00Z
9
value 0.00068
scoring_system epss
scoring_elements 0.20936
published_at 2026-04-01T12:55:00Z
10
value 0.00068
scoring_system epss
scoring_elements 0.21087
published_at 2026-04-02T12:55:00Z
11
value 0.00068
scoring_system epss
scoring_elements 0.21012
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14853
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14853
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14853
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14853
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14853
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14859
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14859
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-2mrj-435v-c2cr
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-2mrj-435v-c2cr
7
reference_url https://github.com/advisories/GHSA-pwfw-mgfj-7g3g
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-pwfw-mgfj-7g3g
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ecdsa/PYSEC-2019-177.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ecdsa/PYSEC-2019-177.yaml
9
reference_url https://github.com/warner/python-ecdsa
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/warner/python-ecdsa
10
reference_url https://github.com/warner/python-ecdsa/releases/tag/python-ecdsa-0.13.3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/warner/python-ecdsa/releases/tag/python-ecdsa-0.13.3
11
reference_url https://github.com/warner/python-ecdsa/security/advisories/GHSA-pwfw-mgfj-7g3g
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/warner/python-ecdsa/security/advisories/GHSA-pwfw-mgfj-7g3g
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14853
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14853
13
reference_url https://seclists.org/bugtraq/2019/Dec/33
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Dec/33
14
reference_url https://www.debian.org/security/2019/dsa-4588
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4588
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1758704
reference_id 1758704
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1758704
16
reference_url https://access.redhat.com/errata/RHSA-2021:4702
reference_id RHSA-2021:4702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4702
17
reference_url https://usn.ubuntu.com/4196-1/
reference_id USN-4196-1
reference_type
scores
url https://usn.ubuntu.com/4196-1/
fixed_packages
0
url pkg:pypi/ecdsa@0.13.3
purl pkg:pypi/ecdsa@0.13.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ebg3-6ssf-dkcy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ecdsa@0.13.3
aliases CVE-2019-14853, GHSA-2mrj-435v-c2cr, GHSA-pwfw-mgfj-7g3g, PYSEC-2019-177
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qrf7-gnjg-bfat
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/ecdsa@0.12