Headline
CVE-2022-41340: Comparing 1.0.1...1.1.0 · lionello/secp256k1-js
The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery.
Permalink
Comparing changes
Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also .
Open a pull request
Create a new pull request by comparing changes across two branches. If you need to, you can also .
base repository: lionello/secp256k1-js base: 1.0.1
head repository: lionello/secp256k1-js compare: 1.1.0
- 13 commits
- 8 files changed
- 4 contributors
Commits on Jun 18, 2019
Commits on Feb 18, 2020
Commits on Mar 8, 2021
Commits on Apr 29, 2021
Commits on Sep 23, 2022
Commits on Sep 24, 2022
Related news
The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery.