Описание
In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because there is a missing check for whether the leading bit of r and s is zero.
Ссылки
- ExploitIssue Tracking
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:indutny:elliptic:6.5.6:*:*:*:*:node.js:*:*
EPSS
Процентиль: 47%
0.00241
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-130
Связанные уязвимости
CVSS3: 5.3
ubuntu
больше 1 года назад
In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because there is a missing check for whether the leading bit of r and s is zero.
CVSS3: 5.3
redhat
больше 1 года назад
In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because there is a missing check for whether the leading bit of r and s is zero.
CVSS3: 5.3
debian
больше 1 года назад
In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleabilit ...
CVSS3: 5.3
github
больше 1 года назад
Elliptic's ECDSA missing check for whether leading bit of r and s is zero
EPSS
Процентиль: 47%
0.00241
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-130