VYPR

npm package

secp256k1

pkg:npm/secp256k1

Vulnerabilities (1)

  • CVE-2024-48930HigOct 21, 2024
    affected >= 5.0.0, < 5.0.1fixed 5.0.1

    secp256k1-node is a Node.js binding for an Optimized C library for EC operations on curve secp256k1. In `elliptic`-based version, `loadUncompressedPublicKey` has a check that the public key is on the curve. Prior to versions 5.0.1, 4.0.4, and 3.8.1, however, `loadCompressedPublic