CNNVD-202601-1396 Information

CNNVD ID

CNNVD-202601-1396

Related CVE

CVE-2025-14505

• CNNVD Published: 2026-01-08

Description (Chinese)

Elliptic是Fedor Indutny个人开发者的一个 javascript 中的快速椭圆曲线密码库。 Elliptic 6.6.1及之前版本存在安全漏洞，该漏洞源于ECDSA实现中k值计算错误，可能导致密钥泄露。

Description (English)

Elliptic is the fast elliptical curve password library in a javascript of Fedor Indutny personal developer. There is a security loophole in Elliptic 6.6.1 and earlier versions, which stems from the CCDSA ’ s k-minority calculation error, which may lead to the release of the key.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-08

Last Modified

2026-02-24

References

https://github.com/indutny/elliptic/issues/321 https://www.herodevs.com/vulnerability-directory/cve-2025-14505