VYPR

Elliptic

by Indutny

npm: elliptic

Source repositories

CVEs (1)

  • CVE-2025-14505MedJan 8, 2026
    risk 0.36cvss 5.6epss 0.00

    The ECDSA implementation of the Elliptic package generates incorrect signatures if an interim value of 'k' (as computed based on step 3.2 of RFC 6979 https://datatracker.ietf.org/doc/html/rfc6979 ) has leading zeros and is susceptible to cryptanalysis, which can lead to secret…