Vulnerabilities > Elliptic Project

DATE CVE VULNERABILITY TITLE RISK
2024-08-02 CVE-2024-42461 Improper Verification of Cryptographic Signature vulnerability in Elliptic Project Elliptic 6.5.6
In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed.
network
low complexity
elliptic-project CWE-347
critical
9.1