Starkbank - Ecdsa-node CVE

Filtered by vendor Starkbank Subscribe

Filtered by product Ecdsa-node

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-43571	1 Starkbank	1 Ecdsa-node	2023-12-10	7.5 HIGH	9.8 CRITICAL
The verify function in the Stark Bank Node.js ECDSA library (ecdsa-node) 1.1.2 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.

Vulnerabilities (CVE)