Vulnerabilities > Indutny

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-10	CVE-2024-48949	Improper Verification of Cryptographic Signature vulnerability in Indutny Elliptic The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits "sig.S().gte(sig.eddsa.curve.n) \|\| sig.S().isNeg()" validation. network low complexity indutny CWE-347 critical	9.1
2021-02-02	CVE-2020-28498	Use of a Broken or Risky Cryptographic Algorithm vulnerability in Indutny Elliptic The package elliptic before 6.5.4 are vulnerable to Cryptographic Issues via the secp256k1 implementation in elliptic/ec/key.js. network high complexity indutny CWE-327	6.8
2020-06-04	CVE-2020-13822	Integer Overflow or Wraparound vulnerability in Indutny Elliptic 6.5.2 The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. network high complexity indutny CWE-190	7.7

Vulnerabilities > Indutny {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Indutny"}]}