npm package
@lionello/secp256k1-js
pkg:npm/%40lionello/secp256k1-js
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-41340 | — | < 1.1.0 | 1.1.0 | Sep 24, 2022 | The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery. |
- CVE-2022-41340Sep 24, 2022affected < 1.1.0fixed 1.1.0
The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery.