elliptic 0.14.2 vulnerabilities

Known vulnerabilities in the elliptic package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
C Information Exposure elliptic is a fast elliptic-curve cryptography implementation in plain javascript. Affected versions of this package are vulnerable to Information Exposure due to the `sign` function which allows an attacker to extract the private key from an ECDSA signature by signing a malformed input. A single maliciously crafted signed message can enable full key extraction for any previously known message-signature pair. How to fix Information Exposure? Upgrade `elliptic` to version 6.6.1 or higher.	<6.6.1
C Improper Verification of Cryptographic Signature elliptic is a fast elliptic-curve cryptography implementation in plain javascript. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to an anomaly in the `_truncateToN` function. An attacker can cause legitimate transactions or communications to be incorrectly flagged as invalid by exploiting the signature verification process when the hash contains at least four leading 0 bytes, and the order of the elliptic curve's base point is smaller than the hash. In some situations, a private key exposure is possible. This can happen when an attacker knows a faulty and the corresponding correct signature for the same message. How to fix Improper Verification of Cryptographic Signature? There is no fixed version for `elliptic`.	*
H Improper Verification of Cryptographic Signature elliptic is a fast elliptic-curve cryptography implementation in plain javascript. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to improper range validation of the `S` value in the `verify` function, allowing the usage of an invalid signature. Note: This vulnerability could have a security-relevant impact if an application relies on the uniqueness of a signature. How to fix Improper Verification of Cryptographic Signature? Upgrade `elliptic` to version 6.5.6 or higher.	<6.5.6
C Improper Verification of Cryptographic Signature elliptic is a fast elliptic-curve cryptography implementation in plain javascript. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to a missing signature length check in the `EDDSA` signature process. An attacker can manipulate the signature by appending or removing zero-valued bytes. How to fix Improper Verification of Cryptographic Signature? Upgrade `elliptic` to version 6.5.7 or higher.	<6.5.7
C Improper Verification of Cryptographic Signature elliptic is a fast elliptic-curve cryptography implementation in plain javascript. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to the allowance of BER-encoded signatures. An attacker can manipulate the ECDSA signatures by exploiting the signature malleability. How to fix Improper Verification of Cryptographic Signature? Upgrade `elliptic` to version 6.5.7 or higher.	<6.5.7
C Improper Verification of Cryptographic Signature elliptic is a fast elliptic-curve cryptography implementation in plain javascript. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to a missing check for whether the leading bit of `r` and `s` is zero. An attacker can manipulate the ECDSA signature by exploiting this oversight. How to fix Improper Verification of Cryptographic Signature? Upgrade `elliptic` to version 6.5.7 or higher.	<6.5.7
M Cryptographic Issues elliptic is a fast elliptic-curve cryptography implementation in plain javascript. Affected versions of this package are vulnerable to Cryptographic Issues via the `secp256k1` implementation in `elliptic/ec/key.js`. There is no check to confirm that the public key point passed into the derive function actually exists on the `secp256k1` curve. This results in the potential for the private key used in this implementation to be revealed after a number of ECDH operations are performed. How to fix Cryptographic Issues? Upgrade `elliptic` to version 6.5.4 or higher.	<6.5.4
H Cryptographic Issues elliptic is a fast elliptic-curve cryptography implementation in plain javascript. Affected versions of this package are vulnerable to Cryptographic Issues. Elliptic allows ECDSA signature malleability via variations in encoding, leading `\0` bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature. PoC var crypto = require('crypto') var EC = require('elliptic').ec; var ec = new EC('secp256k1'); var obj = require("./poc_ecdsa_secp256k1_sha256_test.json"); for (let testGroup of obj.testGroups) { var key = ec.keyFromPublic(testGroup.key.uncompressed, 'hex'); for(let test of testGroup.tests) { console.log("[*] Test " + test.tcId + " result: " + test.result) msgHash = crypto.createHash('sha256').update(Buffer.from(test.msg, 'hex')).digest(); try { result = key.verify(msgHash, Buffer.from(test.sig, 'hex')); if (result == true) { if (test.result == "valid" \|\| test.result == "acceptable") console.log("Result: PASS"); else console.log("Result: FAIL") } if (result == false) { if (test.result == "valid" \|\| test.result == "acceptable") console.log("Result: FAIL"); else console.log("Result: PASS") } } catch (e) { console.log("ERROR - VERIFY: " + e) if (test.result == "valid" \|\| test.result == "acceptable") console.log("Result: FAIL"); else console.log("Result: PASS") } } } How to fix Cryptographic Issues? Upgrade `elliptic` to version 6.5.3 or higher.	<6.5.3
M Timing Attack elliptic is a fast elliptic-curve cryptography implementation in plain javascript. Affected versions of this package are vulnerable to Timing Attack. Practical recovery of the long-term private key generated by the library is possible under certain conditions. Leakage of bit-length of a scalar during scalar multiplication is possible on an elliptic curve which might allow practical recovery of the long-term private key. How to fix Timing Attack? Upgrade `elliptic` to version 6.5.2 or higher.	<6.5.2

Vulnerability

Vulnerable Version

Information Exposure

elliptic is a fast elliptic-curve cryptography implementation in plain javascript.

Affected versions of this package are vulnerable to Information Exposure due to the sign function which allows an attacker to extract the private key from an ECDSA signature by signing a malformed input. A single maliciously crafted signed message can enable full key extraction for any previously known message-signature pair.

How to fix Information Exposure?

Upgrade elliptic to version 6.6.1 or higher.

<6.6.1

Improper Verification of Cryptographic Signature

elliptic is a fast elliptic-curve cryptography implementation in plain javascript.

Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to an anomaly in the _truncateToN function. An attacker can cause legitimate transactions or communications to be incorrectly flagged as invalid by exploiting the signature verification process when the hash contains at least four leading 0 bytes, and the order of the elliptic curve's base point is smaller than the hash. In some situations, a private key exposure is possible. This can happen when an attacker knows a faulty and the corresponding correct signature for the same message.

How to fix Improper Verification of Cryptographic Signature?

There is no fixed version for elliptic.

Improper Verification of Cryptographic Signature

elliptic is a fast elliptic-curve cryptography implementation in plain javascript.

Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to improper range validation of the S value in the verify function, allowing the usage of an invalid signature.

Note:

This vulnerability could have a security-relevant impact if an application relies on the uniqueness of a signature.

How to fix Improper Verification of Cryptographic Signature?

Upgrade elliptic to version 6.5.6 or higher.

<6.5.6

Improper Verification of Cryptographic Signature

elliptic is a fast elliptic-curve cryptography implementation in plain javascript.

Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to a missing signature length check in the EDDSA signature process. An attacker can manipulate the signature by appending or removing zero-valued bytes.

How to fix Improper Verification of Cryptographic Signature?

Upgrade elliptic to version 6.5.7 or higher.

<6.5.7

Improper Verification of Cryptographic Signature

elliptic is a fast elliptic-curve cryptography implementation in plain javascript.

Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to the allowance of BER-encoded signatures. An attacker can manipulate the ECDSA signatures by exploiting the signature malleability.

How to fix Improper Verification of Cryptographic Signature?

Upgrade elliptic to version 6.5.7 or higher.

<6.5.7

Improper Verification of Cryptographic Signature

elliptic is a fast elliptic-curve cryptography implementation in plain javascript.

Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to a missing check for whether the leading bit of r and s is zero. An attacker can manipulate the ECDSA signature by exploiting this oversight.

How to fix Improper Verification of Cryptographic Signature?

Upgrade elliptic to version 6.5.7 or higher.

<6.5.7

Cryptographic Issues

elliptic is a fast elliptic-curve cryptography implementation in plain javascript.

Affected versions of this package are vulnerable to Cryptographic Issues via the secp256k1 implementation in elliptic/ec/key.js. There is no check to confirm that the public key point passed into the derive function actually exists on the secp256k1 curve. This results in the potential for the private key used in this implementation to be revealed after a number of ECDH operations are performed.

How to fix Cryptographic Issues?

Upgrade elliptic to version 6.5.4 or higher.

<6.5.4

Cryptographic Issues

elliptic is a fast elliptic-curve cryptography implementation in plain javascript.

Affected versions of this package are vulnerable to Cryptographic Issues. Elliptic allows ECDSA signature malleability via variations in encoding, leading \0 bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature.

PoC

var crypto = require('crypto')
var EC = require('elliptic').ec;
var ec = new EC('secp256k1');

var obj = require("./poc_ecdsa_secp256k1_sha256_test.json");

for (let testGroup of obj.testGroups) {

    var key = ec.keyFromPublic(testGroup.key.uncompressed, 'hex');
    
    for(let test of testGroup.tests) {
     console.log("[*] Test " + test.tcId + " result: " + test.result)

     msgHash = crypto.createHash('sha256').update(Buffer.from(test.msg, 'hex')).digest();
     
     try {
      result = key.verify(msgHash, Buffer.from(test.sig, 'hex'));

     if (result == true) {
      if (test.result == "valid" || test.result == "acceptable")
       console.log("Result: PASS");
      else
       console.log("Result: FAIL")     
     }

     if (result == false) {
      if (test.result == "valid" || test.result == "acceptable")
       console.log("Result: FAIL");
      else
       console.log("Result: PASS")     
     }



     } catch (e) {
      console.log("ERROR - VERIFY: " + e)

      if (test.result == "valid" || test.result == "acceptable")
       console.log("Result: FAIL");
      else
       console.log("Result: PASS")     



     }


    }

}

How to fix Cryptographic Issues?

Upgrade elliptic to version 6.5.3 or higher.

<6.5.3

Timing Attack

elliptic is a fast elliptic-curve cryptography implementation in plain javascript.

Affected versions of this package are vulnerable to Timing Attack. Practical recovery of the long-term private key generated by the library is possible under certain conditions. Leakage of bit-length of a scalar during scalar multiplication is possible on an elliptic curve which might allow practical recovery of the long-term private key.

How to fix Timing Attack?

Upgrade elliptic to version 6.5.2 or higher.

<6.5.2

elliptic@0.14.2 vulnerabilities

EC cryptography

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities

How to fix?

PoC