elliptic

Releases86

Frequency1 month 2 weeks

Last Release over 1 year ago

EC cryptography

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-13822 ↗	Jun 4, 2020Thursday, 4 June 2020, 15:15	7.7 HIGH	6.8 MEDIUM
The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature.