CVE-2024-42459 | Elliptic Package 6.5.6 on Node.js EDDSA Signature signature verification

Posted by Angelo Barbosa | Aug 2, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in Elliptic Package 6.5.6 on Node.js. This issue affects some unknown processing of the component EDDSA Signature Handler. The manipulation leads to improper verification of cryptographic signature.

The identification of this vulnerability is CVE-2024-42459. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-42459 | Elliptic Package 6.5.6 on Node.js EDDSA Signature signature verification

Related Posts

CVE-2023-52251 | kafka-ui up to 0.7.1 messages q Remote Code Execution

CVE-2023-31506 | Grav up to 1.7.44 ISINDEX Element onmouseover cross site scripting

CVE-2024-39493 | Linux Kernel up to 6.9.4 crypto ADF_DEV_RESET_SYNC memory leak

CVE-2022-24403 | ETSI TETRA Standard TA61 Identity Tetraburst risky encryption