VYPR

npm package

@lionello/secp256k1-js

pkg:npm/%40lionello/secp256k1-js

Vulnerabilities (1)

  • CVE-2022-41340Sep 24, 2022
    affected < 1.1.0fixed 1.1.0

    The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery.