Vulnerabilities > Secp256K1 JS Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-24	CVE-2022-41340	Improper Verification of Cryptographic Signature vulnerability in Secp256K1-Js Project Secp256K1-Js 1.0.0/1.0.1 The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery. network low complexity secp256k1-js-project CWE-347	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.

Vulnerabilities > Secp256K1 JS Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Secp256K1 JS Project"}]}

Vulnerabilities > Secp256K1 JS Project