FYI: two vulnerabilities in elliptic, a widely used JavaScript library for elliptic curve cryptography
The maintainer seems to have abandoned it: https://github.com/indutny/elliptic/issues
I wrote a shim library and posted it on their issue tracker: https://github.com/indutny/elliptic/issues/343
Unfortunately, adoption seems slow. I'm talking with a few people about how to move the ecosystem to something more secure like noble-curves, but it's tricky.
alt Hacker News
The maintainer seems to have abandoned it: https://github.com/indutny/elliptic/issues
I wrote a shim library and posted it on their issue tracker: https://github.com/indutny/elliptic/issues/343
Unfortunately, adoption seems slow. I'm talking with a few people about how to move the ecosystem to something more secure like noble-curves, but it's tricky.