Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:38579
HistoryDec 23, 2022 - 8:09 a.m.

Hash Collision

2022-12-2308:09:54
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
hash collision
remote attack
vulnerable software

0.001 Low

EPSS

Percentile

51.0%

github.com/iofinnet/tss-lib is vulnerable to hash collision attacks. A remote attacker is able to cause hash table collisions through the vulnerable SHA512_256 function of common/hash.go file, resulting in attacker gaining unintended privileges.

0.001 Low

EPSS

Percentile

51.0%