Skip to content

CVE for dependency ecdsa #1108

New issue
New issue
Open
#1114
Open
CVE for dependency ecdsa#1108
#1114
Labels
status: work in progressTwilio or the community is in the process of implementingtype: securityknown security issue
@trupus

Description

@trupus
trupus
opened on May 28, 2025

Hi,

I noticed you switched from starkbank-ecdsa to ecdsa. There are currently 2 vulnerabilities for ecdsa CVE-2024-23342, PVE-2024-64396.

For now I'm just ignoring them in my CI pipeline, but what would be a better solution going forward?

Thanks

Metadata

Metadata

Assignees

No one assigned

    Labels

    status: work in progressTwilio or the community is in the process of implementingtype: securityknown security issue

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions