Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/python-ecdsa@0.13-3%2Bdeb10u1
purl pkg:deb/debian/python-ecdsa@0.13-3%2Bdeb10u1
Next non-vulnerable version 0.19.2-1
Latest non-vulnerable version 0.19.2-1
Risk 4.5
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-9pe3-67b4-yqae
Aliases:
CVE-2019-14859
GHSA-8qxj-f9rh-9fg2
PYSEC-2020-163
A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could use a malleable signature to create false transactions.
0.16.1-1
Affected by 1 other vulnerability.
VCID-qrf7-gnjg-bfat
Aliases:
CVE-2019-14853
GHSA-2mrj-435v-c2cr
GHSA-pwfw-mgfj-7g3g
PYSEC-2019-177
An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service.
0.16.1-1
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-9pe3-67b4-yqae A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could use a malleable signature to create false transactions. CVE-2019-14859
GHSA-8qxj-f9rh-9fg2
PYSEC-2020-163
VCID-qrf7-gnjg-bfat An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service. CVE-2019-14853
GHSA-2mrj-435v-c2cr
GHSA-pwfw-mgfj-7g3g
PYSEC-2019-177

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T22:22:14.519705+00:00 Debian Oval Importer Affected by VCID-qrf7-gnjg-bfat https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:36:02.397852+00:00 Debian Oval Importer Affected by VCID-9pe3-67b4-yqae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T14:59:56.617317+00:00 Debian Oval Importer Fixing VCID-9pe3-67b4-yqae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-15T14:47:01.377258+00:00 Debian Oval Importer Fixing VCID-qrf7-gnjg-bfat https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-11T21:59:37.055385+00:00 Debian Oval Importer Affected by VCID-qrf7-gnjg-bfat https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:23:58.615367+00:00 Debian Oval Importer Affected by VCID-9pe3-67b4-yqae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T14:48:12.114984+00:00 Debian Oval Importer Fixing VCID-9pe3-67b4-yqae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-11T14:35:16.220495+00:00 Debian Oval Importer Fixing VCID-qrf7-gnjg-bfat https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-08T21:36:46.891845+00:00 Debian Oval Importer Affected by VCID-qrf7-gnjg-bfat https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:18:30.775321+00:00 Debian Oval Importer Affected by VCID-9pe3-67b4-yqae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-07T23:20:57.303118+00:00 Debian Oval Importer Fixing VCID-9pe3-67b4-yqae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0
2026-04-07T23:08:27.408323+00:00 Debian Oval Importer Fixing VCID-qrf7-gnjg-bfat https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0