CVE-2020-13822

Published: 2020-06-04T15:15Z

Last Modified: 2024-11-21T05:01Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt