elliptic vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2025-14505Lowelliptic: Elliptic Uses a Cryptographic Primitive with a Risky ImplementationGHSA-VJH7-7G9H-FJFHCriticalelliptic: Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string)CVE-2024-48948Lowelliptic: Valid ECDSA signatures erroneously rejected in EllipticCVE-2024-48949Lowelliptic: Elliptic's verify function omits uniqueness validationCVE-2024-42461Lowelliptic: Elliptic allows BER-encoded signaturesCVE-2024-42460Lowelliptic: Elliptic's ECDSA missing check for whether leading bit of r and s is zeroCVE-2024-42459Lowelliptic: Elliptic's EDDSA missing signature length checkCVE-2020-28498Mediumelliptic: Elliptic Uses a Broken or Risky Cryptographic AlgorithmCVE-2020-13822Highelliptic: Signature Malleabillity in elliptic

Stop the waste.
Protect your environment with Kodem.