python-ecdsa (SUSE:Linux Enterprise Module for Public Cloud 15) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Public Cloud 15 package python-ecdsa, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2020-14343 — CVSS 9.8 (critical): A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it…
CVE-2019-14859 — CVSS 9.1 (critical): A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding…
CVE-2019-14853 — CVSS 7.5 (high): An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise…
CVE-2020-25659 — CVSS 5.9 (medium): python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5…