OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-23 15:38:27 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
69e85eff7f0ae206d5a833ace6fdc7fb2eec5ace
advisory-db/crates/shamir/RUSTSEC-2020-0160.md
Alexis Mousset 84c633df9c Update aliases from GHSA OSV export (#1693)
2023-06-13 15:10:24 +02:00

591 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2020-0160"
package = "shamir"
date = "2020-01-21"
url = "https://github.com/Nebulosus/shamir/issues/3"
categories = ["crypto-failure"]
aliases = ["GHSA-978j-88f3-p5j3"]

[versions]
patched = [">= 2.0.0"]

Threshold value is ignored (all shares are n=3)

Affected versions of this crate did not properly calculate secret shares requirements.

This reduces the security of the algorithm by restricting the crate to always using a threshold value of three, rather than a configurable limit.

The flaw was corrected by correctly configuring the threshold.