Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/11/26 8:1 p.m.6 views

CVE-2025-66016

CGGMP24 is a state-of-art ECDSA TSS protocol that supports 1-round signing requires 3 preprocessing rounds, identifiable abort, and a key refresh protocol. Prior to version 0.6.3, there is a missing check in the ZK proof that enables an attack in which single malicious signer can reconstruct full...

9.3CVSS6.6AI score0.00163EPSS
Exploits0References1
RustSec
RustSec
added 2025/11/24 12:0 p.m.7 views

Missing check in ZK proof in CGGMP21 Threshold Signing Protocol

Vulnerability concerns a missing check in the ZK proof that enables an attack in which single malicious signer can reconstruct full private key. Patches cggmp21 v0.6.3 is a patch release that contains a fix that introduces this specific missing check. However, we recommend upgrading to cggmp24...

9.3CVSS6.7AI score0.00163EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/11/24 12:0 p.m.8 views

RUSTSEC-2025-0129 Missing check in ZK proof in CGGMP21 Threshold Signing Protocol

Vulnerability concerns a missing check in the ZK proof that enables an attack in which single malicious signer can reconstruct full private key. Patches cggmp21 v0.6.3 is a patch release that contains a fix that introduces this specific missing check. However, we recommend upgrading to cggmp24...

9.3CVSS6.5AI score0.00163EPSS
Exploits0References3
Code423n4
Code423n4
added 2023/07/21 12:0 a.m.17 views

Risk of Rogue Signer Control: Potential for Malicious Signer to Modify Threshold and Gain Unauthorized Control of Multisig Contract

Lines of code Vulnerability details Impact The "Rotation of Signers" mechanism in the Multisig contract poses a risk of a single rogue or compromised signer gaining unauthorized control of the contract. If a signer with malicious intent or compromised credentials utilizes the rotateSigners...

7.4AI score
Exploits0
Rows per page
Query Builder