elliptic 6.5.4 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the elliptic package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Use of a Cryptographic Primitive with a Risky Implementation elliptic is a fast elliptic-curve cryptography implementation in plain javascript. Affected versions of this package are vulnerable to Use of a Cryptographic Primitive with a Risky Implementation due to the incorrect computation of the byte-length of `k` value with leading zeros resulting in its truncation. An attacker can obtain the secret key by analyzing both a faulty signature generated by a vulnerable implementation and a correct signature for the same inputs. Note: There is a distinct but related issue CVE-2024-48948. How to fix Use of a Cryptographic Primitive with a Risky Implementation? There is no fixed version for `elliptic`.	*
C Information Exposure elliptic is a fast elliptic-curve cryptography implementation in plain javascript. Affected versions of this package are vulnerable to Information Exposure due to the `sign` function which allows an attacker to extract the private key from an ECDSA signature by signing a malformed input. A single maliciously crafted signed message can enable full key extraction for any previously known message-signature pair. How to fix Information Exposure? Upgrade `elliptic` to version 6.6.1 or higher.	<6.6.1
C Improper Verification of Cryptographic Signature elliptic is a fast elliptic-curve cryptography implementation in plain javascript. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to an anomaly in the `_truncateToN` function. An attacker can cause legitimate transactions or communications to be incorrectly flagged as invalid by exploiting the signature verification process when the hash contains at least four leading 0 bytes, and the order of the elliptic curve's base point is smaller than the hash. In some situations, a private key exposure is possible. This can happen when an attacker knows a faulty and the corresponding correct signature for the same message. Note: The scope of this issue was limited to improper validation of messages with leading zeros and fixed in version 6.6.0. The additional CVE-2025-14505 was issued to track the signature issue related to leading zeros during the computation of `k`. How to fix Improper Verification of Cryptographic Signature? Upgrade `elliptic` to version 6.6.0 or higher.	<6.6.0
H Improper Verification of Cryptographic Signature elliptic is a fast elliptic-curve cryptography implementation in plain javascript. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to improper range validation of the `S` value in the `verify` function, allowing the usage of an invalid signature. Note: This vulnerability could have a security-relevant impact if an application relies on the uniqueness of a signature. How to fix Improper Verification of Cryptographic Signature? Upgrade `elliptic` to version 6.5.6 or higher.	<6.5.6
C Improper Verification of Cryptographic Signature elliptic is a fast elliptic-curve cryptography implementation in plain javascript. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to a missing signature length check in the `EDDSA` signature process. An attacker can manipulate the signature by appending or removing zero-valued bytes. How to fix Improper Verification of Cryptographic Signature? Upgrade `elliptic` to version 6.5.7 or higher.	<6.5.7
C Improper Verification of Cryptographic Signature elliptic is a fast elliptic-curve cryptography implementation in plain javascript. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to the allowance of BER-encoded signatures. An attacker can manipulate the ECDSA signatures by exploiting the signature malleability. How to fix Improper Verification of Cryptographic Signature? Upgrade `elliptic` to version 6.5.7 or higher.	<6.5.7
C Improper Verification of Cryptographic Signature elliptic is a fast elliptic-curve cryptography implementation in plain javascript. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to a missing check for whether the leading bit of `r` and `s` is zero. An attacker can manipulate the ECDSA signature by exploiting this oversight. How to fix Improper Verification of Cryptographic Signature? Upgrade `elliptic` to version 6.5.7 or higher.	<6.5.7

Vulnerability

Vulnerable Version

Use of a Cryptographic Primitive with a Risky Implementation

elliptic is a fast elliptic-curve cryptography implementation in plain javascript.

Affected versions of this package are vulnerable to Use of a Cryptographic Primitive with a Risky Implementation due to the incorrect computation of the byte-length of k value with leading zeros resulting in its truncation. An attacker can obtain the secret key by analyzing both a faulty signature generated by a vulnerable implementation and a correct signature for the same inputs.

Note:

There is a distinct but related issue CVE-2024-48948.

How to fix Use of a Cryptographic Primitive with a Risky Implementation?

There is no fixed version for elliptic.

Information Exposure

elliptic is a fast elliptic-curve cryptography implementation in plain javascript.

Affected versions of this package are vulnerable to Information Exposure due to the sign function which allows an attacker to extract the private key from an ECDSA signature by signing a malformed input. A single maliciously crafted signed message can enable full key extraction for any previously known message-signature pair.

How to fix Information Exposure?

Upgrade elliptic to version 6.6.1 or higher.

<6.6.1

Improper Verification of Cryptographic Signature

elliptic is a fast elliptic-curve cryptography implementation in plain javascript.

Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to an anomaly in the _truncateToN function. An attacker can cause legitimate transactions or communications to be incorrectly flagged as invalid by exploiting the signature verification process when the hash contains at least four leading 0 bytes, and the order of the elliptic curve's base point is smaller than the hash.

In some situations, a private key exposure is possible. This can happen when an attacker knows a faulty and the corresponding correct signature for the same message.

Note:

The scope of this issue was limited to improper validation of messages with leading zeros and fixed in version 6.6.0. The additional CVE-2025-14505 was issued to track the signature issue related to leading zeros during the computation of k.

How to fix Improper Verification of Cryptographic Signature?

Upgrade elliptic to version 6.6.0 or higher.

<6.6.0

Improper Verification of Cryptographic Signature

elliptic is a fast elliptic-curve cryptography implementation in plain javascript.

Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to improper range validation of the S value in the verify function, allowing the usage of an invalid signature.

Note:

This vulnerability could have a security-relevant impact if an application relies on the uniqueness of a signature.

How to fix Improper Verification of Cryptographic Signature?

Upgrade elliptic to version 6.5.6 or higher.

<6.5.6

Improper Verification of Cryptographic Signature

elliptic is a fast elliptic-curve cryptography implementation in plain javascript.

Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to a missing signature length check in the EDDSA signature process. An attacker can manipulate the signature by appending or removing zero-valued bytes.

How to fix Improper Verification of Cryptographic Signature?

Upgrade elliptic to version 6.5.7 or higher.

<6.5.7

Improper Verification of Cryptographic Signature

elliptic is a fast elliptic-curve cryptography implementation in plain javascript.

Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to the allowance of BER-encoded signatures. An attacker can manipulate the ECDSA signatures by exploiting the signature malleability.

How to fix Improper Verification of Cryptographic Signature?

Upgrade elliptic to version 6.5.7 or higher.

<6.5.7

Improper Verification of Cryptographic Signature

elliptic is a fast elliptic-curve cryptography implementation in plain javascript.

Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to a missing check for whether the leading bit of r and s is zero. An attacker can manipulate the ECDSA signature by exploiting this oversight.

How to fix Improper Verification of Cryptographic Signature?

Upgrade elliptic to version 6.5.7 or higher.

<6.5.7

elliptic@6.5.4 vulnerabilities

EC cryptography

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities

Fix vulnerabilities automatically