Security: bitcoinjs/tiny-secp256k1
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
verify() bypass when running in bundled environmentGHSA-5vhg-9xg4-cv9m published
Jun 29, 2025 by junderwCritical -
Private key extraction when signing a malicious JSON-stringifyable message in bundled environmentGHSA-7mc2-6phr-23xc published
Jun 29, 2025 by junderwCritical