3 matches found
Elliptic 安全漏洞
Elliptic is a fast elliptic curve cryptographic library in javascript by the individual developer Fedor Indutny. A security vulnerability exists in Elliptic version 6.5.7, which stems from an inability to properly verify valid signatures in its ECDSA implementation...
Elliptic 安全漏洞
Elliptic is a library of fast elliptic curve ciphers in javascript by the individual developer Fedor Indutny. A security vulnerability exists in Elliptic versions prior to 6.5.6, which stems from a validation function that omits some judgmental validation...
CVE-2023-46234
browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in dsaVerify function allows an attacker to construct signatures that can be successfully verified by any...