- Reported
-
- Issued
-
- Package
-
libsecp256k1
(crates.io)
- Type
-
Vulnerability
- Categories
-
- Aliases
-
- References
-
- Patched
-
Description
libsecp256k1 accepts signatures whose R or S parameter is larger than the
secp256k1 curve order, which differs from other implementations. This could
lead to invalid signatures being verified.
The error is resolved in 0.5.0 by adding a check_overflow
flag.
Advisory available under CC0-1.0
license.