HistoryEditJSON (OSV)

RUSTSEC-2021-0076

libsecp256k1 allows overflowing signatures

Reported
Issued
Package
libsecp256k1 (crates.io)
Type
Vulnerability
Categories
Aliases
References
Patched
  • >=0.5.0

Description

libsecp256k1 accepts signatures whose R or S parameter is larger than the secp256k1 curve order, which differs from other implementations. This could lead to invalid signatures being verified.

The error is resolved in 0.5.0 by adding a check_overflow flag.

Advisory available under CC0-1.0 license.