CVE-2024-48948 | Elliptic Package 6.5.7 on Node.js ECDSA _truncateToN integrity check (ID 321)

Inserito da Angelo Barbosa | Ott 15, 2024 | CVE

A vulnerability has been found in Elliptic Package 6.5.7 on Node.js and classified as problematic. This vulnerability affects the function _truncateToN of the component ECDSA. The manipulation leads to improper validation of integrity check value.

This vulnerability was named CVE-2024-48948. Access to the local network is required for this attack. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-48948 | Elliptic Package 6.5.7 on Node.js ECDSA _truncateToN integrity check (ID 321)

Post correlati

CVE-2023-46641 | 12 Step Meeting List Plugin up to 3.14.24 on WordPress server-side request forgery

CVE-2024-20071 | MediaTek MT6890/MT6990/MT7622 WLAN Driver out-of-bounds (WCNCR00364733)

CVE-2023-34030 | Really Simple Plugins Complianz Plugin/Complianz Premium Plugin on WordPress cross-site request forgery

CVE-2024-3044 | Document Foundation LibreOffice up to 7.6.6/24.2.2 Graphic On-click Binding code injection