Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string)

Severity:: High

Description

Private key can be extracted from ECDSA signature upon signing a malformed input (e.g. a string or a number), which could e.g. come from JSON network input

Note that elliptic by design accepts hex strings as one of the possible input types

Recommendation

Update the elliptic package to the latest compatible version. Followings are version details:

Affected version(s): <= 6.6.0
Patched version(s): 6.6.1

References

GHSA-vjh7-7g9h-fjfh
CWE-200
OWASP 2021-A1

Related Issues

Valid ECDSA signatures erroneously rejected in Elliptic - CVE-2024-48948
Elliptic allows BER-encoded signatures - CVE-2024-42461
Elliptic's ECDSA missing check for whether leading bit of r and s is zero - CVE-2024-42460
Elliptic's EDDSA missing signature length check - CVE-2024-42459

Tags:: npm; elliptic

Anything's wrong? Let us know Last updated on February 23, 2025