This page aggregates publicly disclosed CVE and security risk information related to starkbank, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-43572 | The verify function in the Stark Bank Python ECDSA library (aka starkbank-escada or ecdsa-python) before 2.0.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | [email protected] | 9.8 | 0.23% | 2021-11-09 | 2024-11-21 |
| CVE-2021-43571 | The verify function in the Stark Bank Node.js ECDSA library (ecdsa-node) 1.1.2 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | [email protected] | 9.8 | 0.19% | 2021-11-09 | 2024-11-21 |
| CVE-2021-43570 | The verify function in the Stark Bank Java ECDSA library (ecdsa-java) 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | [email protected] | 9.8 | 0.19% | 2021-11-09 | 2024-11-21 |
| CVE-2021-43569 | The verify function in the Stark Bank .NET ECDSA library (ecdsa-dotnet) 1.3.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | [email protected] | 9.8 | 0.22% | 2021-11-09 | 2024-11-21 |
| CVE-2021-43568 | The verify function in the Stark Bank Elixir ECDSA library (ecdsa-elixir) 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | [email protected] | 9.8 | 0.19% | 2021-11-09 | 2024-11-21 |