CVE-2025-14505

Name of the Vulnerable Software and Affected Versions Elliptic versions prior to 6.6.2

Description The ECDSA implementation within the Elliptic package produces incorrect signatures when an interim value of k (calculated according to step 3.2 of RFC 6979) contains leading zeros, making it susceptible to cryptanalysis and potentially exposing the secret key. This occurs because the byte-length of k is calculated incorrectly, leading to truncation during computation. This can disrupt legitimate transactions or communications. An attacker, under specific conditions, could derive the secret key by obtaining both a faulty signature generated by a vulnerable version of Elliptic and a correct signature for the same inputs.

Recommendations Update to Elliptic version 6.6.2 or later.