VulnerableCode Package Details - pkg:npm/elliptic@6.6.1

Search for packages

Vulnerability	Summary	Fixed by
VCID-ew32-3yaw-hfgg Aliases: CVE-2025-14505 GHSA-848j-6mx2-7j84	Elliptic Uses a Cryptographic Primitive with a Risky Implementation The ECDSA implementation of the Elliptic package generates incorrect signatures if an interim value of 'k' (as computed based on step 3.2 of RFC 6979 https://datatracker.ietf.org/doc/html/rfc6979 ) has leading zeros and is susceptible to cryptanalysis, which can lead to secret key exposure. This happens, because the byte-length of 'k' is incorrectly computed, resulting in its getting truncated during the computation. Legitimate transactions or communications will be broken as a result. Furthermore, due to the nature of the fault, attackers could–under certain conditions–derive the secret key, if they could get their hands on both a faulty signature generated by a vulnerable version of Elliptic and a correct signature for the same inputs. This issue affects all known versions of Elliptic (at the time of writing, versions less than or equal to 6.6.1).	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-ew32-3yaw-hfgg
Aliases:
CVE-2025-14505
GHSA-848j-6mx2-7j84

Elliptic Uses a Cryptographic Primitive with a Risky Implementation The ECDSA implementation of the Elliptic package generates incorrect signatures if an interim value of 'k' (as computed based on step 3.2 of RFC 6979 https://datatracker.ietf.org/doc/html/rfc6979 ) has leading zeros and is susceptible to cryptanalysis, which can lead to secret key exposure. This happens, because the byte-length of 'k' is incorrectly computed, resulting in its getting truncated during the computation. Legitimate transactions or communications will be broken as a result. Furthermore, due to the nature of the fault, attackers could–under certain conditions–derive the secret key, if they could get their hands on both a faulty signature generated by a vulnerable version of Elliptic and a correct signature for the same inputs. This issue affects all known versions of Elliptic (at the time of writing, versions less than or equal to 6.6.1).

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
VCID-naf1-wstu-budj	Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string) Private key can be extracted from ECDSA signature upon signing a malformed input (e.g. a string or a number), which could e.g. come from JSON network input Note that `elliptic` by design accepts hex strings as one of the possible input types	GHSA-vjh7-7g9h-fjfh

Vulnerability

Summary

Aliases

VCID-naf1-wstu-budj

Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string) Private key can be extracted from ECDSA signature upon signing a malformed input (e.g. a string or a number), which could e.g. come from JSON network input Note that `elliptic` by design accepts hex strings as one of the possible input types

GHSA-vjh7-7g9h-fjfh

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-05T21:55:03.051780+00:00	GHSA Importer	Affected by	VCID-ew32-3yaw-hfgg	https://github.com/advisories/GHSA-848j-6mx2-7j84	38.6.0
2026-06-04T17:10:55.634468+00:00	GithubOSV Importer	Fixing	VCID-naf1-wstu-budj	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/02/GHSA-vjh7-7g9h-fjfh/GHSA-vjh7-7g9h-fjfh.json	38.6.0
2026-06-04T16:23:19.139109+00:00	GitLab Importer	Fixing	VCID-naf1-wstu-budj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/elliptic/GHSA-vjh7-7g9h-fjfh.yml	38.6.0
2026-06-02T04:49:25.903074+00:00	GitLab Importer	Affected by	VCID-ew32-3yaw-hfgg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/elliptic/CVE-2025-14505.yml	38.6.0