CVE-2024-48949 | Elliptic Package up to 6.5.5 on Node.js index.js verify Privilege Escalation

Posted by Angelo Barbosa | Oct 10, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in Elliptic Package up to 6.5.5 on Node.js. This issue affects the function verify in the library lib/elliptic/eddsa/index.js. The manipulation leads to Privilege Escalation.

The identification of this vulnerability is CVE-2024-48949. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-48949 | Elliptic Package up to 6.5.5 on Node.js index.js verify Privilege Escalation

Related Posts

CVE-2024-6167 | aprokopenko Just Custom Fields Plugin up to 3.3.2 on WordPress authorization

CVE-2023-46294 | Teledyne FLIR M300 2.00-19 permission

CVE-2023-50377 | AB-WP Simple Counter Plugin up to 1.0.2 on WordPress cross site scripting

CVE-2024-31201 | Plug&Track Thermoscan IP 20211103 ThermoscanIP_Scrutation Service C: unquoted search path