(2024). There are other vulnerabilities in that library too. I reported some (with some PRs) | alt Hacker News

alt Hacker News

mmsc • last Thursday at 5:39 AM • 0 replies • view on HN

(2024).

There are other vulnerabilities in that library too. I reported some (with some PRs) https://github.com/indutny/elliptic/pull/338, https://github.com/indutny/elliptic/pull/337, https://github.com/indutny/elliptic/issues/339 but I assume they'll never get fixed.

The library is dead and should be marked as vulnerable on npmjs tbh.