Elliptic Project - Elliptic CVE

Filtered by vendor Elliptic Project Subscribe

Filtered by product Elliptic

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-13822	1 Elliptic Project	1 Elliptic	2020-07-02	6.8 MEDIUM	7.7 HIGH
The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature.

Vulnerabilities (CVE)