Elliptic@6.5.6 Security Vulnerabilities and Issues — Elliptic@6.5.6 CVE List

Lucene search

IndutnyElliptic6.5.6

2 matches found

CVE•added 2024/08/02 7:16 a.m.•53 views

CVE-2024-42459

In the Elliptic package 6.5.6 for Node.js, EDDSA signature malleability occurs because there is a missing signature length check, and thus zero-valued bytes can be removed or appended.

5.3CVSS7.2AI score0.00083EPSS

CVE•added 2024/08/02 7:16 a.m.•51 views

CVE-2024-42460

In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because there is a missing check for whether the leading bit of r and s is zero.

5.3CVSS7.2AI score0.00152EPSS