This repository was archived by the owner on Aug 15, 2024. It is now read-only.

The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. #102

@bsomeshwer

Hi

Issue:

The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows.

This could conceivably have a security-relevant impact if an application relied on a single canonical signature. I'm using Elliptic version 6.5.3, but I'm still facing this issue in my project.

Could you please let me know what could be the reason for this?

I tried `npm install elliptic@6.5.3` and `npm audit fix`, and I played around with a lot of other approaches, but the issue still persists.

Thanks

Image reference:

**Note: Actually, this issue is thrown by node-libs-browser. node-libs-browser internally uses a few packages, and those packages internally use elliptic.**

image
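
An added example, not part of the original issue or of the elliptic project: a Node.js script that lists every installed copy of `elliptic` recorded in a `package-lock.json` (`packages` map, lockfileVersion 2 or 3) together with the packages that pull each copy in, so a nested copy left behind after pinning the top-level version becomes visible. The sample lockfile is constructed, its dependency chain and placeholder versions are assumptions, and the affected-version list is just the 6.5.2 named in the issue title.

```javascript
// Constructed sample lockfile (npm "packages" layout); the dependency chain
// and the "0.0.0-sample" versions are illustrative assumptions.
const sampleLock = {
  packages: {
    "": { dependencies: { elliptic: "6.5.3", "node-libs-browser": "*" } },
    "node_modules/elliptic": { version: "6.5.3" },
    "node_modules/node-libs-browser": { version: "0.0.0-sample", dependencies: { "crypto-browserify": "*" } },
    "node_modules/crypto-browserify": { version: "0.0.0-sample", dependencies: { "browserify-sign": "*", "create-ecdh": "*" } },
    "node_modules/browserify-sign": { version: "0.0.0-sample", dependencies: { elliptic: "6.5.2" } },
    "node_modules/browserify-sign/node_modules/elliptic": { version: "6.5.2" },
    "node_modules/create-ecdh": { version: "0.0.0-sample", dependencies: { elliptic: "*" } },
  },
};
const MARK = "node_modules/";

// Package name = the part of the lockfile path after the last "node_modules/".
const nameOf = (path) => path.slice(path.lastIndexOf(MARK) + MARK.length);

// Find the installed copy of `name` that a package at `fromPath` would load,
// walking up through enclosing node_modules directories like Node's resolver.
function resolveCopy(packages, fromPath, name) {
  let base = fromPath;
  for (;;) {
    const candidate = (base ? base + "/" : "") + MARK + name;
    if (packages[candidate]) return candidate;
    if (!base) return null;
    const cut = base.lastIndexOf("/" + MARK);
    base = cut === -1 ? "" : base.slice(0, cut);
  }
}

// Map each installed copy of `target` to its version and direct dependents.
function findCopies(lock, target) {
  const packages = lock.packages || {};
  const copies = {};
  for (const [path, meta] of Object.entries(packages))
    if (path && nameOf(path) === target) copies[path] = { version: meta.version, requiredBy: [] };
  for (const [path, meta] of Object.entries(packages)) {
    const deps = { ...meta.dependencies, ...meta.devDependencies, ...meta.optionalDependencies };
    if (!(target in deps)) continue;
    const hit = resolveCopy(packages, path, target);
    if (hit) copies[hit].requiredBy.push(path ? nameOf(path) : "(root project)");
  }
  return copies;
}

// Copies whose version is on the caller-supplied affected list.
const flagged = (lock, target, affected) => Object.entries(findCopies(lock, target))
  .filter(([, c]) => affected.includes(c.version)).map(([path, c]) => ({ path, ...c }));

console.log(flagged(sampleLock, "elliptic", ["6.5.2"]));
```

To check a real project, replace `sampleLock` with `JSON.parse(require("fs").readFileSync("package-lock.json", "utf8"))`.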
