Description
The ECDSA implementation of the Elliptic package generates incorrect signatures if an interim value of ‘k’ (as computed based on step 3.2 of RFC 6979 https://datatracker.ietf.org/doc/html/rfc6979 ) has leading zeros and is susceptible to cryptanalysis, which can lead to secret key exposure.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 6.6.1
References
Related Issues
- Elliptic Uses a Broken or Risky Cryptographic Algorithm - CVE-2020-28498
- Manifest Uses a One-Way Hash without a Salt - CVE-2025-27408
- nanotar is vulnerable to path traversal in parseTar() and parseTarGzip() - CVE-2025-69874
- FUXA allows Remote Code Execution (RCE) via the project import functionality. - CVE-2025-69983
- Tags:
- npm
- elliptic
Anything's wrong? Let us know Last updated on January 09, 2026