The `ecdsa` PyPI package is a pure Python implementation of ECC (Elliptic Curve Cryptography) with support for ECDSA (Elliptic Curve Digital Signature Algorithm), EdDSA (Edwards-curve Digital Signature Algorithm) and ECDH (Elliptic Curve Diffie-Hellman). Versions 0.18.0 and prior are vulnerable to the Minerva attack. As of time of publication, no known patched version exists.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Sat, 31 May 2025 08:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 05 Dec 2024 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Redhat satellite
Redhat satellite Capsule
CPEs cpe:/a:redhat:satellite:6.15::el8
cpe:/a:redhat:satellite_capsule:6.15::el8
Vendors & Products Redhat satellite
Redhat satellite Capsule

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2025-05-30T14:21:45.651Z

Reserved: 2024-01-15T15:19:19.444Z

Link: CVE-2024-23342

cve-icon Vulnrichment

Updated: 2024-08-01T22:59:32.162Z

cve-icon NVD

Status : Analyzed

Published: 2024-01-23T00:15:26.397

Modified: 2025-08-26T21:33:47.870

Link: CVE-2024-23342

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-01-23T00:00:00Z

Links: CVE-2024-23342 - Bugzilla

cve-icon OpenCVE Enrichment

No data.