secp256k1-js implements ECDSA without required r and s validation, leading to signature forgery
High severity
GitHub Reviewed
Published
Sep 25, 2022
to the GitHub Advisory Database
•
Updated Jan 28, 2023
Give feedback on Dependabot alerts