pkg:npm/elliptic

8 total CVEsHIGH1MEDIUM7

✅ Check your installed version

All known vulnerabilities

  • HIGH7.7CVE-2020-13822Signature Malleabillity in elliptic
    from 0, < 6.5.3
  • MEDIUM6.8CVE-2020-28498Elliptic Uses a Broken or Risky Cryptographic Algorithm
    from 0, < 6.5.4
  • MEDIUM5.6CVE-2025-14505Elliptic Uses a Cryptographic Primitive with a Risky Implementation
    from 0, <= 6.6.1
  • MEDIUM5.3CVE-2024-48949Elliptic's verify function omits uniqueness validation
    from 0, < 6.5.6
  • MEDIUM5.3CVE-2024-42459Elliptic's EDDSA missing signature length check
    >= 4.0.0, < 6.5.7
  • MEDIUM5.3CVE-2024-42460Elliptic's ECDSA missing check for whether leading bit of r and s is zero
    >= 2.0.0, < 6.5.7
  • MEDIUM5.3CVE-2024-42461Elliptic allows BER-encoded signatures
    >= 5.2.1, < 6.5.7
  • MEDIUM4.8CVE-2024-48948Valid ECDSA signatures erroneously rejected in Elliptic
    from 0, < 6.6.0