Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

npm

elliptic

npm

EC cryptography

View on github.com · View on npmjs.org

Security Advisories for elliptic in npm

Critical
9 months ago

Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string) GSA_kwCzR0hTQS12amg3LTdnOWgtZmpmaM4ABEZ4

npm elliptic
Low
about 1 year ago

Valid ECDSA signatures erroneously rejected in Elliptic GSA_kwCzR0hTQS1mYzloLXdocTItdjc0N84ABARZ

npm elliptic
Low
about 1 year ago

Elliptic's verify function omits uniqueness validation GSA_kwCzR0hTQS00MzRnLTI2MzctcW1xcs4ABAJS

npm elliptic
Low
over 1 year ago

Elliptic's ECDSA missing check for whether leading bit of r and s is zero GSA_kwCzR0hTQS05Nzd4LWc3aDUtN3Fnd84AA-Vv

npm elliptic
Low
over 1 year ago

Elliptic allows BER-encoded signatures GSA_kwCzR0hTQS00OXE3LWM3ajQtM3A3bc4AA-Vw

npm elliptic
Low
over 1 year ago

Elliptic's EDDSA missing signature length check GSA_kwCzR0hTQS1mN3E0LXB3YzYtdzI0cM4AA-Vu

npm elliptic
Moderate
over 4 years ago

Elliptic Uses a Broken or Risky Cryptographic Algorithm MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI5cDktbXJqbS05MjZ3

npm elliptic
High
over 5 years ago

Signature Malleabillity in elliptic MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZoN20tcDcyNC02MmMy

npm elliptic

Filter by Severity

Low 5 Moderate 1 High 1 Critical 1