Vulnerabilities > Elliptic Project > Elliptic > 6.5.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-02 | CVE-2020-28498 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Elliptic Project Elliptic The package elliptic before 6.5.4 are vulnerable to Cryptographic Issues via the secp256k1 implementation in elliptic/ec/key.js. | 4.3 |
2020-06-04 | CVE-2020-13822 | Integer Overflow or Wraparound vulnerability in Elliptic Project Elliptic 6.5.2 The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. | 7.7 |