CVE-2021-43572

Published: 2021-11-09T22:15Z

Last Modified: 2024-11-21T06:29Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The verify function in the Stark Bank Python ECDSA library (aka starkbank-escada or ecdsa-python) before 2.0.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt