mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2026-02-23 15:38:27 +01:00
557 B
557 B
[advisory]
id = "RUSTSEC-2020-0160"
package = "shamir"
date = "2020-01-21"
url = "https://github.com/Nebulosus/shamir/issues/3"
categories = ["crypto-failure"]
[versions]
patched = [">= 2.0.0"]
Threshold value is ignored (all shares are n=3)
Affected versions of this crate did not properly calculate secret shares requirements.
This reduces the security of the algorithm by restricting the crate to always using a threshold value of three, rather than a configurable limit.
The flaw was corrected by correctly configuring the threshold.