Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CGGMP21 presignatures can be used in the way that significantly reduces security
Vulnerability Description
CGGMP24 is a state-of-art ECDSA TSS protocol that supports 1-round signing (requires 3 preprocessing rounds), identifiable abort, and a key refresh protocol. In versions 0.6.3 and prior of cggmp21 and version 0.7.0-alpha.1 of cggmp24, presignatures can be used in the way that significantly reduces security. cggmp24 version 0.7.0-alpha.2 release contains API changes that make it impossible to use presignatures in contexts in which it reduces security.
CVSS Information
N/A
Vulnerability Type
使用已被攻破或存在风险的密码学算法
Vulnerability Title
cggmp21 安全漏洞
Vulnerability Description
cggmp21是Lockness开源的一个Rust库。 cggmp21 0.6.3及之前版本和0.7.0-alpha.1版本存在安全漏洞,该漏洞源于预签名使用方式不当,可能导致安全性降低。
CVSS Information
N/A
Vulnerability Type
N/A