Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2025/11/25 7:59 p.m.6 views

CVE-2025-66017 CGGMP21 presignatures can be used in the way that significantly reduces security

CGGMP24 is a state-of-art ECDSA TSS protocol that supports 1-round signing requires 3 preprocessing rounds, identifiable abort, and a key refresh protocol. In versions 0.6.3 and prior of cggmp21 and version 0.7.0-alpha.1 of cggmp24, presignatures can be used in the way that significantly reduces...

8.2CVSS6.4AI score0.00181EPSS
Exploits0References2
OSV
OSV
added 2025/11/25 7:59 p.m.5 views

CVE-2025-66017 CGGMP21 presignatures can be used in the way that significantly reduces security

CGGMP24 is a state-of-art ECDSA TSS protocol that supports 1-round signing requires 3 preprocessing rounds, identifiable abort, and a key refresh protocol. In versions 0.6.3 and prior of cggmp21 and version 0.7.0-alpha.1 of cggmp24, presignatures can be used in the way that significantly reduces...

8.2CVSS6.7AI score0.00181EPSS
Exploits0References4
OSV
OSV
added 2025/11/24 12:0 p.m.8 views

RUSTSEC-2025-0129 Missing check in ZK proof in CGGMP21 Threshold Signing Protocol

Vulnerability concerns a missing check in the ZK proof that enables an attack in which single malicious signer can reconstruct full private key. Patches cggmp21 v0.6.3 is a patch release that contains a fix that introduces this specific missing check. However, we recommend upgrading to cggmp24...

9.3CVSS6.5AI score0.00163EPSS
Exploits0References3
OSV
OSV
added 2025/11/24 12:0 p.m.5 views

RUSTSEC-2025-0128 CGGMP21 presignatures can be used in the way that significantly reduces security

This attack is against presignatures used in very specific context: Presignatures + HD wallets derivation: security level reduces to 85 bits \ Previously you could generate a presignature, and then choose a HD derivation path while issuing a partial signature via Presignature::setderivationpath,...

8.2CVSS6.5AI score0.00181EPSS
Exploits0References3
Rows per page
Query Builder