{"id":"CVE-2019-14853","details":"An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service.","aliases":["GHSA-2mrj-435v-c2cr","GHSA-pwfw-mgfj-7g3g","PYSEC-2019-177"],"modified":"2026-04-16T04:32:19.699405347Z","published":"2019-11-26T13:15:10.537Z","related":["SUSE-SU-2019:2891-1","SUSE-SU-2019:2891-2","SUSE-SU-2019:3024-1","openSUSE-SU-2019:2472-1","openSUSE-SU-2019:2474-1","openSUSE-SU-2024:11229-1","openSUSE-SU-2024:13862-1"],"references":[{"type":"WEB","url":"https://seclists.org/bugtraq/2019/Dec/33"},{"type":"ADVISORY","url":"https://www.debian.org/security/2019/dsa-4588"},{"type":"ADVISORY","url":"https://github.com/warner/python-ecdsa/releases/tag/python-ecdsa-0.13.3"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14853"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/tlsfuzzer/python-ecdsa","events":[{"introduced":"0"},{"fixed":"7add2213c992f51267eed8288b560f3f4108a28d"}]},{"type":"GIT","repo":"https://github.com/warner/python-ecdsa","events":[{"introduced":"0"},{"fixed":"7add2213c992f51267eed8288b560f3f4108a28d"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.13.3"}]}}],"versions":["python-ecdsa-0.10","python-ecdsa-0.11","python-ecdsa-0.12","python-ecdsa-0.13","python-ecdsa-0.13.1","python-ecdsa-0.13.2","python-ecdsa-0.5","python-ecdsa-0.6","python-ecdsa-0.7","python-ecdsa-0.8","python-ecdsa-0.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-14853.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}