Tss-lib Security Vulnerabilities and Issues — Tss-lib CVE List

Lucene search

IofinnetTss-lib

2 matches found

CVE•added 2023/04/21 6:15 p.m.•60 views

CVE-2023-26556

io.finnet tss-lib before 2.0.0 can leak a secret key via a timing side-channel attack because it relies on the scalar-multiplication implementation in Go crypto/elliptic, which is not constant time (there is an if statement in a loop). One leak is in ecdsa/keygen/round_2.go. (bnb-chain/tss-lib and ...

9.1CVSS9AI score0.00356EPSS

CVE•added 2022/12/23 12:15 a.m.•49 views

CVE-2022-47931

IO FinNet tss-lib before 2.0.0 allows a collision of hash values.

9.1CVSS9.1AI score0.00035EPSS