CVE-2021-43569

The verify function in the Stark Bank .NET ECDSA library (ecdsa-dotnet) 1.3.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.
Configurations

Configuration 1

cpe:2.3:a:starkbank:ecdsa-dotnet:1.3.2:*:*:*:*:*:*:*

Information

Published : 2021-11-09 10:15

Updated : 2021-11-12 08:01


NVD link : CVE-2021-43569

Mitre link : CVE-2021-43569

Products Affected
No products.
CWE
CWE-347

Improper Verification of Cryptographic Signature