CVE-2024-48949 | Elliptic Package up to 6.5.5 on Node.js index.js verify Privilege Escalation

Inserito da Angelo Barbosa | Ott 10, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in Elliptic Package up to 6.5.5 on Node.js. This issue affects the function verify in the library lib/elliptic/eddsa/index.js. The manipulation leads to Privilege Escalation.

The identification of this vulnerability is CVE-2024-48949. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-48949 | Elliptic Package up to 6.5.5 on Node.js index.js verify Privilege Escalation

Post correlati

CVE-2024-42543 | TOTOLINK A3700R 9.1.2u.5822_B20200513 loginauth http_host buffer overflow

CVE-2024-40554 | Tmall Demo 2024.07.03 information disclosure

CVE-2024-11058 | CodeAstro Real Estate Management System up to 1.0 About Us Page /aboutedit.php id sql injection

CVE-2024-39878 | JetBrains TeamCity up to 2024.03.2 GitHub App Connection Testing insufficiently protected credentials