VulnerableCode Package Details - pkg:pypi/fastecdsa@2.3.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/fastecdsa@2.3.2

Essentials
History (2)

purl	pkg:pypi/fastecdsa@2.3.2

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-8nfq-s4yw-5yab	Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemath_mul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free(), arbitrary realloc(), null pointer dereference and other. Since the stack can be controlled by the attacker, the vulnerability could be used to corrupt allocator structure, leading to possible heap exploitation. The attacker could cause denial of service by exploiting this vulnerability.	CVE-2024-21502 GHSA-ph86-g9r3-5qw4 PYSEC-2024-39

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:47:12.926587+00:00	GitLab Importer	Fixing	VCID-8nfq-s4yw-5yab	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/fastecdsa/CVE-2024-21502.yml	38.6.0
2026-06-02T04:20:59.531859+00:00	Pypa Importer	Fixing	VCID-8nfq-s4yw-5yab	https://github.com/pypa/advisory-database/blob/main/vulns/fastecdsa/PYSEC-2024-39.yaml	38.6.0