The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-06-04T14:01:53
Updated: 2024-08-04T12:25:16.506Z
Reserved: 2020-06-04T00:00:00
Link: CVE-2020-13822
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-06-04T15:15:13.510
Modified: 2023-11-07T03:16:58.907
Link: CVE-2020-13822
Redhat