nodejs Elliptic
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in nodejs Elliptic.
By the Year
In 2026 there have been 0 vulnerabilities in nodejs Elliptic. Elliptic did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 4.80 |
It may take a day or so for new Elliptic vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent nodejs Elliptic Security Vulnerabilities
Elliptic 6.5.7 Node.js ECDSA Valid Signature Rejects due to TruncateToN
CVE-2024-48948
4.8 - Medium
- October 15, 2024
The Elliptic package 6.5.7 for Node.js, in its for ECDSA implementation, does not correctly verify valid signatures if the hash contains at least four leading 0 bytes and when the order of the elliptic curve's base point is smaller than the hash, because of an _truncateToN anomaly. This leads to valid signatures being rejected. Legitimate transactions or communications may be incorrectly flagged as invalid.
Improper Verification of Cryptographic Signature
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for nodejs Elliptic or by nodejs? Click the Watch button to subscribe.
