Bug: Security - Elliptic Uses a Cryptographic Primitive with a Risky Implementation

[mtmacdonald]

Summary

Hi! Dependabot in one of my projects is flagging a security issue in the elliptic sub-dependency of this package.

I can see the outdated sub-dependency in the lock file.

Can we please have this sub-dependency upgraded to resolve this? Thanks!

[mtmacdonald]

I guess this is blocked by #344 and there is no resolution available yet.

[akhilrangu919]

Elliptic Uses a Cryptographic Primitive with a Risky Implementation.
I'm facing similar issue. This is causing the vulnerabilities in the reports and it is becoming difficult to proceed further with this vulnerability in our applications/repos. Please provide a fix for this vulnerability.
It would be great, if this can be fixed ASAP.