io.finnet tss-lib before 2.0.0 can leak a secret key via a timing side-channel attack because it relies on the scalar-multiplication implementation in Go crypto/elliptic, which is not constant time (there is an if statement in a loop). One leak is in ecdsa/keygen/round_2.go. (bnb-chain/tss-lib and....
9.1CVSS
9AI Score
0.001EPSS
io.finnet tss-lib before 2.0.0 can leak the lambda value of a private key via a timing side-channel attack because it relies on Go big.Int, which is not constant time for Cmp, modular exponentiation, or modular inverse. An example leak is in crypto/paillier/paillier.go. (bnb-chain/tss-lib and...
7.5CVSS
7.4AI Score
0.001EPSS
An issue was discovered in IO FinNet tss-lib before 2.0.0. The parameter ssid for defining a session id is not used through the MPC implementation, which makes replaying and spoofing of messages easier. In particular, the Schnorr proof of knowledge implemented in sch.go does not utilize a session.....
6.8CVSS
6.5AI Score
0.001EPSS
tpm2-tss is an open source software implementation of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack (TSS2). In affected versions Tss2_RC_SetHandler and Tss2_RC_Decode both index into layer_handler with an 8 bit layer number, but the array only has...
6.4CVSS
6.5AI Score
0.0004EPSS
9.1CVSS
9.1AI Score
0.001EPSS
The keygen protocol implementation in Binance tss-lib before 1.2.0 allows attackers to generate crafted h1 and h2 parameters in order to compromise a signing round or obtain sensitive information from other...
8.2CVSS
7.8AI Score
0.002EPSS
tss 0.8.1 allows local users to read arbitrary files via the -a parameter, which is processed while tss is running with...
6.5AI Score
0.0004EPSS