High severityNVD Advisory· Published Apr 23, 2020· Updated Aug 4, 2024
CVE-2020-12118
CVE-2020-12118
Description
The keygen protocol implementation in Binance tss-lib before 1.2.0 allows attackers to generate crafted h1 and h2 parameters in order to compromise a signing round or obtain sensitive information from other parties.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/binance-chain/tss-libGo | < 1.2.0 | 1.2.0 |
Affected products
2- Binance/tss-libdescription
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-399h-cmvp-qgx5ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-12118ghsaADVISORY
- github.com/binance-chain/tss-lib/pull/89ghsax_refsource_MISCWEB
- github.com/binance-chain/tss-lib/pull/89/commits/7b7c17e90504d5dad94b938e84fec690bb1ec311ghsaWEB
- github.com/binance-chain/tss-lib/releases/tag/v1.2.0ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.