CVE-2025-14505
Description
The ECDSA implementation of the Elliptic package generates incorrect signatures if an interim value of 'k' (as computed based on step 3.2 of RFC 6979 https://datatracker.ietf.org/doc/html/rfc6979 ) has leading zeros and is susceptible to cryptanalysis, which can lead to secret key exposure. This happens, because the byte-length of 'k' is incorrectly computed, resulting in its getting truncated during the computation. Legitimate transactions or communications will be broken as a result. Furthermore, due to the nature of the fault, attackers could–under certain conditions–derive the secret key, if they could get their hands on both a faulty signature generated by a vulnerable version of Elliptic and a correct signature for the same inputs.
This issue affects all known versions of Elliptic (at the time of writing, versions less than or equal to 6.6.1).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ellipticnpm | <= 6.6.1 | — |
Affected products
6- osv-coords5 versionspkg:apk/chainguard/librechatpkg:apk/chainguard/opensearch-dashboards-3pkg:apk/chainguard/opensearch-dashboards-3-fipspkg:apk/wolfi/opensearch-dashboards-3pkg:npm/elliptic
< 0.8.4-r7+ 4 more
- (no CPE)range: < 0.8.4-r7
- (no CPE)range: < 3.5.0-r0
- (no CPE)range: < 3.5.0-r0
- (no CPE)range: < 3.5.0-r0
- (no CPE)range: <= 6.6.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.