pkg:npm/elliptic
8 total CVEsHIGH1MEDIUM7
✅ Check your installed version
All known vulnerabilities
from 0, < 6.5.3
MEDIUM6.8CVE-2020-28498Elliptic Uses a Broken or Risky Cryptographic Algorithm from 0, < 6.5.4
MEDIUM5.6CVE-2025-14505Elliptic Uses a Cryptographic Primitive with a Risky Implementation from 0, <= 6.6.1
MEDIUM5.3Elliptic's verify function omits uniqueness validation
from 0, < 6.5.6
MEDIUM5.3Elliptic's EDDSA missing signature length check
>= 4.0.0, < 6.5.7
MEDIUM5.3Elliptic's ECDSA missing check for whether leading bit of r and s is zero
>= 2.0.0, < 6.5.7
MEDIUM5.3Elliptic allows BER-encoded signatures
>= 5.2.1, < 6.5.7
MEDIUM4.8Valid ECDSA signatures erroneously rejected in Elliptic
from 0, < 6.6.0