pkg:npm/tiny-secp256k1
2 total CVEs
✅ Check your installed version
All known vulnerabilities
—CVE-2024-49365tiny-secp256k1 allows for verify() bypass when running in bundled environment from 0, < 1.1.7
—CVE-2024-49364tiny-secp256k1 vulnerable to private key extraction when signing a malicious JSON-stringifyable message in bundled environment from 0, < 1.1.7