2 matches found
SUSE CVE-2024-42461
In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed...
AZL-47421 CVE-2024-42459 affecting package reaper for versions less than 3.1.1-11
In the Elliptic package 6.5.6 for Node.js, EDDSA signature malleability occurs because there is a missing signature length check, and thus zero-valued bytes can be removed or appended...