@lionello/secp256k1-js

Releases3

Frequency2 years 3 weeks

Last Release almost 4 years ago

Pure JS implementation of secp256k1 signing, verification, recovery ECDSA.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-41340 ↗	Sep 24, 2022Saturday, 24 September 2022, 19:15	7.5 HIGH	—
The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery.