Vulnerabilities > Starkbank

DATE CVE VULNERABILITY TITLE RISK
2021-11-09 CVE-2021-43568 Improper Verification of Cryptographic Signature vulnerability in Starkbank Elixir Ecdsa 1.0.0
The verify function in the Stark Bank Elixir ECDSA library (ecdsa-elixir) 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.
network
low complexity
starkbank CWE-347
critical
9.8
2021-11-09 CVE-2021-43569 Improper Verification of Cryptographic Signature vulnerability in Starkbank Ecdsa-Dotnet 1.3.2
The verify function in the Stark Bank .NET ECDSA library (ecdsa-dotnet) 1.3.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.
network
low complexity
starkbank CWE-347
critical
9.8
2021-11-09 CVE-2021-43570 Improper Verification of Cryptographic Signature vulnerability in Starkbank Ecdsa-Java 1.0.0
The verify function in the Stark Bank Java ECDSA library (ecdsa-java) 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.
network
low complexity
starkbank CWE-347
critical
9.8
2021-11-09 CVE-2021-43571 Improper Verification of Cryptographic Signature vulnerability in Starkbank Ecdsa-Node 1.1.2
The verify function in the Stark Bank Node.js ECDSA library (ecdsa-node) 1.1.2 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.
network
low complexity
starkbank CWE-347
critical
9.8
2021-11-09 CVE-2021-43572 Improper Verification of Cryptographic Signature vulnerability in Starkbank Ecdsa-Python
The verify function in the Stark Bank Python ECDSA library (aka starkbank-escada or ecdsa-python) before 2.0.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.
network
low complexity
starkbank CWE-347
critical
9.8