CVE-2024-42461 | Elliptic Package 6.5.6 on Node.js ECDSA Signature signature verification

Posted by Angelo Barbosa | Aug 2, 2024 | CVE

A vulnerability has been found in Elliptic Package 6.5.6 on Node.js and classified as problematic. Affected by this vulnerability is an unknown functionality of the component ECDSA Signature Handler. The manipulation leads to improper verification of cryptographic signature.

This vulnerability is known as CVE-2024-42461. The attack needs to be initiated within the local network. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-42461 | Elliptic Package 6.5.6 on Node.js ECDSA Signature signature verification

Related Posts

CVE-2024-31636 | LIEF 0.14.1 machd_reader.c name information disclosure

CVE-2024-1064 | Arcadia Technology Crafty Controller up to 4.2.2 HTTP Host http headers for scripting syntax (Issue 327)

CVE-2024-6728 | itsourcecode Tailoring Management System 1.0 typeedit.php id sql injection

CVE-2024-38491 | Broadcom Symantec Privileged Access Management up to 3.4.6/4.1.7 information disclosure