[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-14859":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":27,"aliases":45,"duplicate_of":9,"upstream":48,"downstream":49,"duplicates":78,"related":79,"reserved_at":9,"published_at":88,"modified_at":89,"state":90,"summary":91,"references_raw":99,"kevs":163,"epss":164,"epss_history":167,"metrics":431,"affected":453},"CVE-2019-14859","A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could use a malleable signature to create false transactions.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-347","Improper Verification of Cryptographic Signature","The product does not verify, or incorrectly verifies, the cryptographic signature for data.","weakness","Draft","Base",[19,23],{"id":20,"name":21,"techniques":22},"CAPEC-463","Padding Oracle Crypto Attack",[],{"id":24,"name":25,"techniques":26},"CAPEC-475","Signature Spoofing by Improper Validation",[],[28,37],{"_key":29,"name":30,"source":31,"url":32,"maturity":33,"reliability_score":34,"verified":35,"type":9,"platforms":36,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_WARNER_PYTHON-ECDSA","Python Ecdsa","github","https://github.com/warner/python-ecdsa/issues/114","poc",0.3,false,[],{"_key":38,"name":39,"source":40,"url":41,"maturity":42,"reliability_score":43,"verified":35,"type":9,"platforms":44,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_9DF9629730B22046","Exploit Reference (bugzilla.redhat.com)","reference","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14859","unknown",0.2,[],[46,47],"GHSA-8qxj-f9rh-9fg2","PYSEC-2020-163",[],[50,52,54,56,58,60,62,64,66,68,70,72,74,76],{"_key":51},"SUSE-SU-2019:2891-1",{"_key":53},"SUSE-SU-2019:2891-2",{"_key":55},"SUSE-SU-2019:3024-1",{"_key":57},"UBUNTU-CVE-2019-14859",{"_key":59},"USN-4196-1",{"_key":61},"OPENSUSE-SU-2019:2472-1",{"_key":63},"OPENSUSE-SU-2019:2474-1",{"_key":65},"OPENSUSE-SU-2024:11229-1",{"_key":67},"OPENSUSE-SU-2024:13862-1",{"_key":69},"DLA-1978-1",{"_key":71},"DSA-4588-1",{"_key":73},"MGASA-2020-0002",{"_key":75},"DEBIAN-CVE-2019-14859",{"_key":77},"RHSA-2021:4702",[],[80,81,82,83,84,85,86,87],{"_key":51},{"_key":53},{"_key":55},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":73},"2020-01-02T14:15:58.000Z","2024-08-05T00:26:39.127Z","Modified",{"cisa_kev":35,"cisa_ransomware":35,"cisa_vendor":9,"epss_severity":92,"epss_score":93,"severity":94,"severity_score":95,"severity_version":96,"severity_source":97,"severity_vector":98,"severity_status":90},"low",0.00072,"critical",9.1,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",[100,110,118,123,126,131,135,139,143,147,151,155,159],{"url":101,"sources":102,"tags":105},"https://github.com/warner/python-ecdsa/releases/tag/python-ecdsa-0.13.3",[103,97,104],"cve.org","osv_pypi",[106,107,108,109],"X Refsource MISC","Release Notes","Third Party Advisory","WEB",{"url":41,"sources":111,"tags":112},[103,97,104],[113,114,115,116,108,109,117],"X Refsource CONFIRM","Exploit","Issue Tracking","Patch","REPORT",{"url":119,"sources":120,"tags":121},"https://pypi.org/project/ecdsa/0.13.3/",[103,97,104],[106,107,108,122],"PACKAGE",{"url":32,"sources":124,"tags":125},[103,97,104],[106,114,108,109,117],{"url":127,"sources":128,"tags":129},"https://nvd.nist.gov/vuln/detail/CVE-2019-14859",[104],[130],"Advisory",{"url":132,"sources":133,"tags":134},"https://github.com/warner/python-ecdsa/pull/115",[104],[109],{"url":136,"sources":137,"tags":138},"https://github.com/tlsfuzzer/python-ecdsa/commit/3427fa29f319b27898a28601955807abb44c0830",[104],[109],{"url":140,"sources":141,"tags":142},"https://github.com/tlsfuzzer/python-ecdsa/commit/9080d1d5ac533da0de00466aaffb49bee808bb4e",[104],[109],{"url":144,"sources":145,"tags":146},"https://github.com/tlsfuzzer/python-ecdsa/commit/b0ea52bb3aa9a16c9a4a91fdc0041edbfed10b31",[104],[109],{"url":148,"sources":149,"tags":150},"https://github.com/advisories/GHSA-8qxj-f9rh-9fg2",[104],[130],{"url":152,"sources":153,"tags":154},"https://github.com/pypa/advisory-database/tree/main/vulns/ecdsa/PYSEC-2020-163.yaml",[104],[109],{"url":156,"sources":157,"tags":158},"https://github.com/warner/python-ecdsa",[104],[122],{"url":160,"sources":161,"tags":162},"https://pypi.org/project/ecdsa/0.13.3",[104],[109],[],{"date":165,"score":93,"percentile":166},"2026-06-04",0.22097,[168,172,175,178,181,184,187,190,193,195,198,200,203,206,209,213,216,219,222,225,228,231,234,237,240,243,246,249,252,255,258,260,263,266,269,272,275,278,281,284,286,289,292,295,298,301,304,307,310,313,316,319,321,324,327,330,333,336,339,342,345,348,351,354,357,360,363,366,369,371,374,377,380,383,386,388,391,394,397,400,403,405,408,411,414,417,419,422,425,428],{"date":169,"score":170,"percentile":171},"2025-11-04",0.00065,0.2048,{"date":173,"score":170,"percentile":174},"2025-11-05",0.20485,{"date":176,"score":170,"percentile":177},"2025-11-06",0.20483,{"date":179,"score":170,"percentile":180},"2025-11-07",0.20492,{"date":182,"score":170,"percentile":183},"2025-11-08",0.20499,{"date":185,"score":170,"percentile":186},"2025-11-09",0.20466,{"date":188,"score":170,"percentile":189},"2025-11-10",0.20429,{"date":191,"score":170,"percentile":192},"2025-11-11",0.20447,{"date":194,"score":170,"percentile":180},"2025-11-12",{"date":196,"score":170,"percentile":197},"2025-11-13",0.20503,{"date":199,"score":170,"percentile":180},"2025-11-14",{"date":201,"score":170,"percentile":202},"2025-11-15",0.20464,{"date":204,"score":170,"percentile":205},"2025-11-16",0.20415,{"date":207,"score":170,"percentile":208},"2025-11-17",0.20344,{"date":210,"score":211,"percentile":212},"2025-11-18",0.00167,0.32487,{"date":214,"score":211,"percentile":215},"2025-11-19",0.32502,{"date":217,"score":211,"percentile":218},"2025-11-20",0.32498,{"date":220,"score":170,"percentile":221},"2025-11-21",0.20309,{"date":223,"score":170,"percentile":224},"2025-11-22",0.20305,{"date":226,"score":170,"percentile":227},"2025-11-23",0.20269,{"date":229,"score":170,"percentile":230},"2025-11-24",0.20245,{"date":232,"score":170,"percentile":233},"2025-11-25",0.20237,{"date":235,"score":170,"percentile":236},"2025-11-26",0.2023,{"date":238,"score":170,"percentile":239},"2025-11-27",0.20227,{"date":241,"score":170,"percentile":242},"2025-11-28",0.20211,{"date":244,"score":170,"percentile":245},"2025-11-29",0.20199,{"date":247,"score":170,"percentile":248},"2025-11-30",0.20196,{"date":250,"score":170,"percentile":251},"2025-12-01",0.20233,{"date":253,"score":170,"percentile":254},"2025-12-02",0.20257,{"date":256,"score":170,"percentile":257},"2025-12-03",0.2027,{"date":259,"score":170,"percentile":236},"2025-12-04",{"date":261,"score":170,"percentile":262},"2025-12-05",0.20278,{"date":264,"score":170,"percentile":265},"2025-12-06",0.2028,{"date":267,"score":170,"percentile":268},"2025-12-07",0.20262,{"date":270,"score":170,"percentile":271},"2025-12-08",0.20283,{"date":273,"score":170,"percentile":274},"2025-12-09",0.2035,{"date":276,"score":170,"percentile":277},"2025-12-10",0.20417,{"date":279,"score":170,"percentile":280},"2025-12-11",0.2045,{"date":282,"score":170,"percentile":283},"2025-12-12",0.20473,{"date":285,"score":170,"percentile":171},"2025-12-13",{"date":287,"score":170,"percentile":288},"2025-12-14",0.2044,{"date":290,"score":170,"percentile":291},"2025-12-15",0.2042,{"date":293,"score":170,"percentile":294},"2025-12-16",0.20451,{"date":296,"score":170,"percentile":297},"2025-12-17",0.20532,{"date":299,"score":170,"percentile":300},"2025-12-18",0.20619,{"date":302,"score":170,"percentile":303},"2025-12-19",0.2064,{"date":305,"score":170,"percentile":306},"2025-12-20",0.20617,{"date":308,"score":170,"percentile":309},"2025-12-21",0.20564,{"date":311,"score":170,"percentile":312},"2025-12-22",0.20529,{"date":314,"score":170,"percentile":315},"2025-12-23",0.20526,{"date":317,"score":170,"percentile":318},"2025-12-24",0.20557,{"date":320,"score":170,"percentile":303},"2025-12-25",{"date":322,"score":170,"percentile":323},"2025-12-26",0.20635,{"date":325,"score":170,"percentile":326},"2025-12-27",0.20632,{"date":328,"score":170,"percentile":329},"2025-12-28",0.20593,{"date":331,"score":170,"percentile":332},"2025-12-29",0.20551,{"date":334,"score":170,"percentile":335},"2025-12-30",0.20539,{"date":337,"score":170,"percentile":338},"2025-12-31",0.20596,{"date":340,"score":170,"percentile":341},"2026-01-01",0.20687,{"date":343,"score":170,"percentile":344},"2026-01-02",0.2069,{"date":346,"score":170,"percentile":347},"2026-01-03",0.20678,{"date":349,"score":170,"percentile":350},"2026-01-04",0.20587,{"date":352,"score":170,"percentile":353},"2026-01-05",0.20579,{"date":355,"score":170,"percentile":356},"2026-01-06",0.2059,{"date":358,"score":170,"percentile":359},"2026-01-07",0.20625,{"date":361,"score":170,"percentile":362},"2026-01-08",0.20673,{"date":364,"score":170,"percentile":365},"2026-01-09",0.20672,{"date":367,"score":170,"percentile":368},"2026-01-10",0.20667,{"date":370,"score":170,"percentile":323},"2026-01-11",{"date":372,"score":170,"percentile":373},"2026-01-12",0.20598,{"date":375,"score":170,"percentile":376},"2026-01-13",0.20576,{"date":378,"score":170,"percentile":379},"2026-01-14",0.20634,{"date":381,"score":170,"percentile":382},"2026-01-15",0.20637,{"date":384,"score":170,"percentile":385},"2026-01-16",0.20666,{"date":387,"score":170,"percentile":365},"2026-01-17",{"date":389,"score":170,"percentile":390},"2026-01-18",0.2062,{"date":392,"score":170,"percentile":393},"2026-01-19",0.20581,{"date":395,"score":170,"percentile":396},"2026-01-20",0.2056,{"date":398,"score":170,"percentile":399},"2026-01-21",0.20525,{"date":401,"score":170,"percentile":402},"2026-01-22",0.20504,{"date":404,"score":170,"percentile":373},"2026-01-23",{"date":406,"score":170,"percentile":407},"2026-01-24",0.20618,{"date":409,"score":170,"percentile":410},"2026-01-25",0.2054,{"date":412,"score":170,"percentile":413},"2026-01-26",0.20436,{"date":415,"score":170,"percentile":416},"2026-01-27",0.20427,{"date":418,"score":170,"percentile":416},"2026-01-28",{"date":420,"score":170,"percentile":421},"2026-01-29",0.20385,{"date":423,"score":170,"percentile":424},"2026-01-30",0.20387,{"date":426,"score":170,"percentile":427},"2026-01-31",0.20393,{"date":429,"score":170,"percentile":430},"2026-02-01",0.20418,[432,439,448],{"source":103,"cvss_v2_0":9,"cvss_v3_0":433,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":434,"baseSeverity":435,"vectorString":436,"impactScore":437,"exploitabilityScore":438},7.4,"HIGH","CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",8.7,5.6,{"source":97,"cvss_v2_0":440,"cvss_v3_0":445,"cvss_v3_1":446,"cvss_v4_0":9},{"baseScore":441,"baseSeverity":9,"vectorString":442,"impactScore":443,"exploitabilityScore":444},6.4,"AV:N/AC:L/Au:N/C:P/I:P/A:N",4.9,10,{"baseScore":434,"baseSeverity":435,"vectorString":436,"impactScore":437,"exploitabilityScore":438},{"baseScore":95,"baseSeverity":447,"vectorString":98,"impactScore":437,"exploitabilityScore":444},"CRITICAL",{"source":104,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":449,"cvss_v4_0":450},{"baseScore":95,"baseSeverity":9,"vectorString":98,"impactScore":437,"exploitabilityScore":444},{"baseScore":451,"baseSeverity":9,"vectorString":452,"impactScore":9,"exploitabilityScore":9},9.3,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",[454,465,473,479,488,499],{"ecosystem":455,"name":456,"vendor":455,"product":456,"cpe_part":9,"purl_type":457,"purl_namespace":9,"purl_name":456,"source":9,"versions":458},"PyPI","ecdsa","pypi",[459],{"version":460,"is_range":461,"range_type":462,"version_start":9,"version_start_type":9,"version_end":463,"version_end_type":464,"fixed_in":9},"lt0_13_3",true,"ecosystem","0.13.3","excluding",{"ecosystem":9,"name":466,"vendor":467,"product":466,"cpe_part":468,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":469},"python-ecdsa","python-ecdsa_project","a",[470],{"version":471,"is_range":461,"range_type":472,"version_start":9,"version_start_type":9,"version_end":463,"version_end_type":464,"fixed_in":9},"lt0.13.3","cpe",{"ecosystem":9,"name":466,"vendor":474,"product":466,"cpe_part":468,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":475},"red hat",[476],{"version":477,"is_range":35,"range_type":103,"version_start":477,"version_start_type":478,"version_end":477,"version_end_type":478,"fixed_in":9},"all python-ecdsa versions before 0.13.3","including",{"ecosystem":9,"name":480,"vendor":481,"product":482,"cpe_part":468,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":483},"ceph storage","redhat","ceph_storage",[484,486],{"version":485,"is_range":35,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.0",{"version":487,"is_range":35,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.0",{"ecosystem":9,"name":489,"vendor":481,"product":489,"cpe_part":468,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":490},"openstack",[491,493,495,497],{"version":492,"is_range":35,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10",{"version":494,"is_range":35,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13",{"version":496,"is_range":35,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14",{"version":498,"is_range":35,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15",{"ecosystem":9,"name":500,"vendor":481,"product":500,"cpe_part":468,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":501},"virtualization",[502],{"version":503,"is_range":35,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0"]