CVE-2024-42460 | Elliptic Package 6.5.6 on Node.js ECDSA Signature signature verification

Posted by Angelo Barbosa | Aug 2, 2024 | CVE

A vulnerability, which was classified as problematic, was found in Elliptic Package 6.5.6 on Node.js. Affected is an unknown function of the component ECDSA Signature Handler. The manipulation leads to improper verification of cryptographic signature.

This vulnerability is traded as CVE-2024-42460. The attack needs to be done within the local network. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-42460 | Elliptic Package 6.5.6 on Node.js ECDSA Signature signature verification

Related Posts

CVE-2024-41810 | Twisted up to 24.3.0 Twisted.web.util.redirectTo cross site scripting (GHSA-cf56-g6w6-pqq2)

CVE-2024-23196 | Linux Kernel up to 6.4 HDA Device Driver snd_hdac_regmap_sync null pointer dereference

CVE-2023-6812 | WP Compress Plugin up to 6.20.01 on WordPress CSS redirect

CVE-2024-3165 | dotCMS 22.02 Dashboard log file (Issue 27910)