MGASA-2020-0002

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2019-14853 CVE-2019-14859

Published: 05 Jan 2020, 15:37

Last modified:16 Apr 2026, 04:26

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

05 Jan 2020, 15:37

Published

Vulnerability first disclosed

16 Apr 2026, 04:26

Last Modified

Vulnerability information updated

Description

Updated python-ecdsa packages fix security vulnerabilities Updated python-ecdsa packages fix security vulnerabilities: It was discovered that python-ecdsa incorrectly handled certain signatures. A remote attacker could possibly use this issue to cause python-ecdsa to generate unexpected exceptions, resulting in a denial of service (CVE-2019-14853). It was discovered that python-ecdsa incorrectly verified DER encoding in signatures. A remote attacker could use this issue to perform certain malleability attacks (CVE-2019-14859).

Affected Systems

mageia•python-ecdsa
< 0.13.3-1.mga7

MGASA-2020-0002

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)