Ixtli logoIxtli
← Feed/CVE-2024-23342
HIGHCVE-2024-23342PyPICVSS 7.4

ecdsa

Published

Description

Minerva timing attack on P-256 in python-ecdsa

Affected Versions

>=0

References

WEBhttps://github.com/tlsfuzzer/python-ecdsa/security/advisories/GHSA-wj6h-64fc-37mpADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-23342PACKAGEhttps://github.com/tlsfuzzer/python-ecdsaWEBhttps://github.com/tlsfuzzer/python-ecdsa/blob/master/SECURITY.mdWEBhttps://minerva.crocs.fi.muni.czWEBhttps://securitypitfalls.wordpress.com/2018/08/03/constant-time-compare-in-python

Using ecdsa?

Scan your dependencies and detect this automatically on every PR.

Create free account