VulnerableCode Package Details - pkg:deb/debian/python-ecdsa@0.11-1~bpo70%2B1

Search for packages

Vulnerability	Summary	Fixed by
VCID-9pe3-67b4-yqae Aliases: CVE-2019-14859 GHSA-8qxj-f9rh-9fg2 PYSEC-2020-163	A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could use a malleable signature to create false transactions.	0.13-2+deb9u1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 0.13-3+deb10u1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 0.16.1-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-qrf7-gnjg-bfat Aliases: CVE-2019-14853 GHSA-2mrj-435v-c2cr GHSA-pwfw-mgfj-7g3g PYSEC-2019-177	An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service.	0.13-2+deb9u1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 0.13-3+deb10u1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 0.16.1-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-9pe3-67b4-yqae
Aliases:
CVE-2019-14859
GHSA-8qxj-f9rh-9fg2
PYSEC-2020-163

A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could use a malleable signature to create false transactions.

0.13-2+deb9u1
Affected by 2 other vulnerabilities.

0.13-3+deb10u1
Affected by 2 other vulnerabilities.

0.16.1-1
Affected by 1 other vulnerability.

VCID-qrf7-gnjg-bfat
Aliases:
CVE-2019-14853
GHSA-2mrj-435v-c2cr
GHSA-pwfw-mgfj-7g3g
PYSEC-2019-177

An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service.

0.13-2+deb9u1
Affected by 2 other vulnerabilities.

0.13-3+deb10u1
Affected by 2 other vulnerabilities.

0.16.1-1
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T22:22:14.508205+00:00	Debian Oval Importer	Affected by	VCID-qrf7-gnjg-bfat	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:36:02.388409+00:00	Debian Oval Importer	Affected by	VCID-9pe3-67b4-yqae	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T14:59:56.607014+00:00	Debian Oval Importer	Affected by	VCID-9pe3-67b4-yqae	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.4.0
2026-04-15T14:47:01.366395+00:00	Debian Oval Importer	Affected by	VCID-qrf7-gnjg-bfat	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.4.0
2026-04-15T14:28:23.868604+00:00	Debian Oval Importer	Affected by	VCID-qrf7-gnjg-bfat	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.4.0
2026-04-15T14:06:41.675374+00:00	Debian Oval Importer	Affected by	VCID-9pe3-67b4-yqae	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.4.0
2026-04-11T21:59:37.044640+00:00	Debian Oval Importer	Affected by	VCID-qrf7-gnjg-bfat	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:23:58.603128+00:00	Debian Oval Importer	Affected by	VCID-9pe3-67b4-yqae	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T14:48:12.103462+00:00	Debian Oval Importer	Affected by	VCID-9pe3-67b4-yqae	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.3.0
2026-04-11T14:35:16.203858+00:00	Debian Oval Importer	Affected by	VCID-qrf7-gnjg-bfat	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.3.0
2026-04-11T14:16:43.705290+00:00	Debian Oval Importer	Affected by	VCID-qrf7-gnjg-bfat	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.3.0
2026-04-11T13:55:16.994067+00:00	Debian Oval Importer	Affected by	VCID-9pe3-67b4-yqae	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.3.0
2026-04-08T21:36:46.879129+00:00	Debian Oval Importer	Affected by	VCID-qrf7-gnjg-bfat	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:18:30.762034+00:00	Debian Oval Importer	Affected by	VCID-9pe3-67b4-yqae	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T23:20:57.290493+00:00	Debian Oval Importer	Affected by	VCID-9pe3-67b4-yqae	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.1.0
2026-04-07T23:08:27.392991+00:00	Debian Oval Importer	Affected by	VCID-qrf7-gnjg-bfat	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.1.0
2026-04-07T22:50:29.485400+00:00	Debian Oval Importer	Affected by	VCID-qrf7-gnjg-bfat	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.1.0
2026-04-07T22:30:08.726334+00:00	Debian Oval Importer	Affected by	VCID-9pe3-67b4-yqae	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.1.0