Skip to main content

Secp256K1 Js

1 CVEs product

Monthly

CVE-2022-41340 npm HIGH PATCH This Week

The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Jwt Attack Node.js Secp256K1 Js
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Jwt Attack Node.js +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy