CVE-2020-36843

The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA Strong Existential Unforgeability under Chosen Message Attacks property. This allows attackers to create new valid signatures different from previous signature...

Elliptic 安全漏洞

Elliptic is a library of fast elliptic curve ciphers in javascript by the individual developer Fedor Indutny. A security vulnerability exists in Elliptic version 6.5.6, which stems from a lack of signature length checking, and therefore an EDDSA signature extensibility issue...