CVE-2022-41340

Published: Sep 24, 2022

Modified: May 22, 2025

PUBLISHED

The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

x_refsource_MISC

x_refsource_MISC

x_refsource_MISC

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.