CVE-2021-43570
EUVD-2021-238509.11.2021, 22:15
The verify function in the Stark Bank Java ECDSA library (ecdsa-java) 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| starkbank | ecdsa-java | 1.0.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References