fastecdsa@1.0.0b1 vulnerabilities
Fast elliptic curve digital signatures
-
latest version
2.3.2
-
latest non vulnerable version
-
first published
8 years ago
-
latest version published
3 months ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the fastecdsa package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
fastecdsa is a python package for doing fast elliptic curve cryptography, specifically digital signatures. Affected versions of this package are vulnerable to Use of Uninitialized Variable on the stack, via the How to fix Use of Uninitialized Variable? Upgrade |
[,2.3.2)
|
fastecdsa is a python package for doing fast elliptic curve cryptography, specifically digital signatures. Affected versions of this package are vulnerable to Timing Attack. When using the How to fix Timing Attack? Upgrade |
[,2.1.2)
|
fastecdsa is a python package for doing fast elliptic curve cryptography, specifically digital signatures. Affected versions of this package are vulnerable to Timing Attack. Practical recovery of the long-term private key generated by the library is possible under certain conditions. Leakage of bit-length of a scalar during scalar multiplication is possible on an elliptic curve which might allow practical recovery of the long-term private key. How to fix Timing Attack? Upgrade |
[0,2.1.4)
|