Seal Security raises $13M series A to secure open source code at scale. Read full press release.
.avif)
The Elliptic package before version 6.5.3 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature.
Fix available through Seal Security. No upgrade required, protect your application instantly.
Fix without upgrading