Tlsfuzzer Ecdsa vulnerabilities

CVE-2026-33936 [MEDIUM] CWE-20 CVE-2026-33936: The `ecdsa` PyPI package is a pure Python implementation of ECC (Elliptic Curve Cryptography) with s The `ecdsa` PyPI package is a pure Python implementation of ECC (Elliptic Curve Cryptography) with support for ECDSA (Elliptic Curve Digital Signature Algorithm), EdDSA (Edwards-curve Digital Signature Algorithm) and ECDH (Elliptic Curve Diffie-Hellman). Prior to version 0.19.2, an issue in the low-level DER parsing functions can cause unexpected exc

CVE-2024-23342 [HIGH] CWE-203 CVE-2024-23342: The `ecdsa` PyPI package is a pure Python implementation of ECC (Elliptic Curve Cryptography) with s The `ecdsa` PyPI package is a pure Python implementation of ECC (Elliptic Curve Cryptography) with support for ECDSA (Elliptic Curve Digital Signature Algorithm), EdDSA (Edwards-curve Digital Signature Algorithm) and ECDH (Elliptic Curve Diffie-Hellman). Versions 0.18.0 and prior are vulnerable to the Minerva attack. As of time of publication, no know

CVE-2019-14859 [CRITICAL] CWE-347 Improper Verification of Cryptographic Signature in Pure-Python ECDSA Improper Verification of Cryptographic Signature in Pure-Python ECDSA A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could use a malleable signature to create false tra

CVE-2019-14853 [HIGH] CWE-391 ecdsa Denial of Service vulnerability in signature verification and signature malleability ecdsa Denial of Service vulnerability in signature verification and signature malleability ## possible DoS in signature verification and signature malleability ### Impact Code using `VerifyingKey.verify()` and `VerifyingKey.verify_digest()` may receive exceptions other than the documented `BadSignatureError` when signatures are malformed. If those other exceptions are not ca