{"source":1102901,"name":"elliptic","dependency":"elliptic","title":"Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string)","url":"https://github.com/advisories/GHSA-vjh7-7g9h-fjfh","severity":"critical","versions":["0.1.0","0.2.0","0.3.0","0.4.0","0.5.0","0.6.0","0.6.1","0.7.0","0.8.0","0.9.0","0.9.1","0.9.2","0.10.0","0.10.1","0.10.2","0.11.0","0.11.1","0.12.0","0.13.1","0.13.2","0.14.0","0.14.1","0.14.2","0.15.0","0.15.1","0.15.2","0.15.3","0.15.4","0.15.5","0.15.6","0.15.7","0.15.8","0.15.9","0.15.10","0.15.11","0.15.12","0.15.13","0.15.14","0.15.15","0.15.17","0.16.0","1.0.0","1.0.1","2.0.0","2.0.1","2.0.2","3.0.1","3.0.2","3.0.3","3.0.4","3.1.0","4.0.0","4.1.0","5.0.0","5.1.0","5.2.0","5.2.1","6.0.0","6.0.1","6.0.2","6.1.0","6.2.0","6.2.1","6.2.2","6.2.3","6.2.4","6.2.5","6.2.6","6.2.7","6.2.8","6.3.0","6.3.1","6.3.2","6.3.3","6.4.0","6.4.1","6.5.0","6.5.1","6.5.2","6.5.3","6.5.4","6.5.5","6.5.6","6.5.7","6.6.0","6.6.1"],"vulnerableVersions":["0.1.0","0.2.0","0.3.0","0.4.0","0.5.0","0.6.0","0.6.1","0.7.0","0.8.0","0.9.0","0.9.1","0.9.2","0.10.0","0.10.1","0.10.2","0.11.0","0.11.1","0.12.0","0.13.1","0.13.2","0.14.0","0.14.1","0.14.2","0.15.0","0.15.1","0.15.2","0.15.3","0.15.4","0.15.5","0.15.6","0.15.7","0.15.8","0.15.9","0.15.10","0.15.11","0.15.12","0.15.13","0.15.14","0.15.15","0.15.17","0.16.0","1.0.0","1.0.1","2.0.0","2.0.1","2.0.2","3.0.1","3.0.2","3.0.3","3.0.4","3.1.0","4.0.0","4.1.0","5.0.0","5.1.0","5.2.0","5.2.1","6.0.0","6.0.1","6.0.2","6.1.0","6.2.0","6.2.1","6.2.2","6.2.3","6.2.4","6.2.5","6.2.6","6.2.7","6.2.8","6.3.0","6.3.1","6.3.2","6.3.3","6.4.0","6.4.1","6.5.0","6.5.1","6.5.2","6.5.3","6.5.4","6.5.5","6.5.6","6.5.7","6.6.0"],"cwe":["CWE-200"],"cvss":{"score":0,"vectorString":null},"range":"<=6.6.0","id":"JpGfI/y2QiILfDHajyH9+rF+ef2Eo9BPT++ffzCom2ezaagYWKoFkL+I1M/J190k24pQZrrqciaXEnGjpkHEXw=="}