Lucene search
K

5 matches found

SUSE CVE
SUSE CVE
added 2024/10/16 2:50 a.m.6 views

SUSE CVE-2024-48948

The Elliptic package 6.5.7 for Node.js, in its for ECDSA implementation, does not correctly verify valid signatures if the hash contains at least four leading 0 bytes and when the order of the elliptic curve's base point is smaller than the hash, because of an truncateToN anomaly. This leads to...

4.8CVSS9.4AI score0.00556EPSS
Exploits1References7
OSV
OSV
added 2024/10/15 3:30 p.m.16 views

GHSA-FC9H-WHQ2-V747 Valid ECDSA signatures erroneously rejected in Elliptic

The Elliptic prior to 6.6.0 for Node.js, in its for ECDSA implementation, does not correctly verify valid signatures if the hash contains at least four leading 0 bytes and when the order of the elliptic curve's base point is smaller than the hash, because of an truncateToN anomaly. This leads to...

4.8CVSS4.7AI score0.00556EPSS
Exploits1References7
OSV
OSV
added 2024/10/15 2:15 p.m.25 views

CVE-2024-48948

The Elliptic package 6.5.7 for Node.js, in its for ECDSA implementation, does not correctly verify valid signatures if the hash contains at least four leading 0 bytes and when the order of the elliptic curve's base point is smaller than the hash, because of an truncateToN anomaly. This leads to...

4.8CVSS6.8AI score0.00556EPSS
Exploits1References4
NVD
NVD
added 2024/10/15 2:15 p.m.19 views

CVE-2024-48948

The Elliptic package 6.5.7 for Node.js, in its for ECDSA implementation, does not correctly verify valid signatures if the hash contains at least four leading 0 bytes and when the order of the elliptic curve's base point is smaller than the hash, because of an truncateToN anomaly. This leads to...

4.8CVSS0.00556EPSS
Exploits1References4
Imperva Blog
Imperva Blog
added 2022/02/02 2:21 p.m.12 views

What You Need to Do Today to Protect Against Account Takeover Attacks

Historically, account takeover ATO has been recognized as an attack in which cybercriminals take ownership of online accounts using stolen passwords and usernames. Cybercriminals purchase a list of account credentials from the dark web that are usually compiled by hackers through social...

0.8AI score
Exploits0
Rows per page
Query Builder