N/A

CVSS Score

Basic Information

CVE ID

GHSA ID

GHSA-9wx7-jrvc-28mm

EPSS Score

CWE

CWE-347

Published

11/8/2021

Updated

3/31/2023

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-9wx7-jrvc-28mm

GHSA-9wx7-jrvc-28mm:
Signature verification vulnerability in Stark Bank ecdsa libraries

An attacker can forge signatures on arbitrary messages that will verify for any public key. This may allow attackers to authenticate as any user within the Stark Bank platform, and bypass signature verification needed to perform operations on the platform, such as send payments and transfer funds. Additionally, the ability for attackers to forge signatures may impact other users and projects using these libraries in different and unforeseen ways.

(GitHub Advisory)

N/A

CVSS Score

Basic Information

CVE ID

GHSA ID

GHSA-9wx7-jrvc-28mm

EPSS Score

CWE

CWE-347

Published

11/8/2021

Updated

3/31/2023

KEV Status

Technology

Python

Technical Details

CVSS Vector

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
starkbank-ecdsa	pip	< 2.0.1	2.0.1
com.starkbank:ecdsa-java	maven	= 1.0.0	1.0.1
starkbank-ecdsa	nuget	= 1.3.1	1.3.2
starkbank-ecdsa	npm	= 1.1.2	1.1.3

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The GitHub patch explicitly adds range checks for signature.r and signature.s in the verify() method of ecdsa.py. This matches the vulnerability description about signature forgery through improper cryptographic verification (CWE-347). The absence of these checks in pre-patch versions would allow acceptance of mathematically invalid signatures. While other language implementations (Java/Node/.NET) are also affected, the Python diff provides direct evidence of the vulnerable function location.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*n *tt**k*r **n *or** si*n*tur*s on *r*itr*ry m*ss***s t**t will v*ri*y *or *ny pu*li* k*y. T*is m*y *llow *tt**k*rs to *ut**nti**t* *s *ny us*r wit*in t** St*rk **nk pl*t*orm, *n* *yp*ss si*n*tur* v*ri*i**tion n***** to p*r*orm op*r*tions on t** pl*

Reasoning

T** *it*u* p*t** *xpli*itly ***s r*n** ****ks *or `si*n*tur*.r` *n* `si*n*tur*.s` in t** `v*ri*y()` m*t*o* o* `***s*.py`. T*is m*t***s t** vuln*r**ility **s*ription **out si*n*tur* *or**ry t*rou** improp*r *rypto*r*p*i* v*ri*i**tion (*W*-***). T** **

N/A

Basic Information

Concerned about an active attack path?

GHSA-9wx7-jrvc-28mm: Signature verification vulnerability in Stark Bank ecdsa libraries

N/A

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

GHSA-9wx7-jrvc-28mm:
Signature verification vulnerability in Stark Bank ecdsa libraries

Vulnerability Intelligence
Miggo AI