Commit b51edb7
Manually update elliptic to v6.5.7 for security update
Use `npm audit fix` to update one dependency in the lock.
elliptic v2.0.0 - 6.5.6 affected:
- Elliptic's ECDSA missing check for whether leading bit of r and s is zero - GHSA-977x-g7h5-7qgw
- Elliptic's EDDSA missing signature length check - GHSA-f7q4-pwc6-w24p
- Elliptic allows BER-encoded signatures - GHSA-49q7-c7j4-3p7m1 parent f328ea0 commit b51edb7
1 file changed
+4
-3
lines changedSome generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
0 commit comments