CVE-2022-41340: secp256k1-js implements ECDSA without required r and s validation, leading to signature forgery

CVSS Score: 7.5 (CVSS version 3.1)

Basic Information

EPSS Score: 0.13378%
Published: 9/25/2022
Updated: 1/28/2023
KEV Status: No
Technology: JavaScript

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Package Name: @lionello/secp256k1-js
Ecosystem: npm
Vulnerable Versions: < 1.1.0
First Patched Version: 1.1.0

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The core vulnerability stems from missing cryptographic parameter validation in ECDSA operations. The patch added critical checks in three key functions: 1) ecverify() now explicitly checks for r/s=0 (CVE's primary focus), 2) ecrecover() added r/s=0 validation and recId range checking, and 3) ecsign() added d/z=0 validation. The high confidence for ecverify/ecrecover comes from direct correlation with CWE-347 and the attack vector described - signature forgery through invalid zero-value signatures. The medium confidence for ecsign reflects that while missing d/z validation could enable other attacks, it wasn't the primary signature forgery path described in the advisory.
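
Added example, not code from @lionello/secp256k1-js or from the advisory: a minimal BigInt model of ECDSA verification on secp256k1, with the missing r/s check beside the hardened form. All function names are hypothetical. Two behaviours are assumptions of this model: the modular inverse of 0 evaluates to 0, and the point at infinity reads as x = 0. The hardened check uses the standard ECDSA range [1, n-1], which covers the zero case named above.

```javascript
// Added illustration, not the package's code. Curve: secp256k1 (a = 0).
const P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2Fn;
const N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141n;
const G = { x: 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798n,
            y: 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8n };
const mod = (a, m) => ((a % m) + m) % m;
function powMod(b, e, m) {
  let r = 1n;
  for (b = mod(b, m); e > 0n; e >>= 1n, b = (b * b) % m) if (e & 1n) r = (r * b) % m;
  return r;
}
// Fermat inverse (both moduli are prime). inv(0) returns 0 instead of failing.
const inv = (a, m) => powMod(a, m - 2n, m);
// Affine point addition; null models the point at infinity.
function add(A, B) {
  if (!A || !B) return A || B;
  if (A.x === B.x && mod(A.y + B.y, P) === 0n) return null;
  const l = A.x === B.x
    ? mod(3n * A.x * A.x * inv(2n * A.y, P), P)      // doubling
    : mod((B.y - A.y) * inv(B.x - A.x, P), P);       // distinct points
  const x = mod(l * l - A.x - B.x, P);
  return { x, y: mod(l * (A.x - x) - A.y, P) };
}
function mul(k, A) {
  let R = null;
  for (; k > 0n; k >>= 1n, A = add(A, A)) if (k & 1n) R = add(R, A);
  return R;
}
// Textbook signing with a caller-supplied nonce k (for constructed test values only).
function sign(z, d, k) {
  const r = mod(mul(k, G).x, N);
  return { r, s: mod(inv(k, N) * (z + r * d), N) };
}
// Verification with no range check on r and s: the defect class described above.
function verifyUnchecked(z, r, s, Q) {
  const w = inv(s, N);                               // s = 0 gives w = 0
  const R = add(mul(mod(z * w, N), G), mul(mod(r * w, N), Q));
  return mod(R ? R.x : 0n, N) === r;                 // infinity read as x = 0 (assumption)
}
// Hardened: reject r or s outside [1, N-1] before any curve arithmetic.
function verifyChecked(z, r, s, Q) {
  if (r < 1n || r >= N || s < 1n || s >= N) return false;
  return verifyUnchecked(z, r, s, Q);
}

// Constructed key; the all-zero signature is accepted only without the check.
const demoQ = mul(0xC0FFEEn, G);
console.log(verifyUnchecked(1n, 0n, 0n, demoQ));     // true
console.log(verifyChecked(1n, 0n, 0n, demoQ));       // false
```

With r = s = 0 both scalar multipliers collapse to zero, so the result is independent of the message and the public key; a regression test for the patched package should include that input.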
