GHSA-978j-88f3-p5j3

Source

https://github.com/advisories/GHSA-978j-88f3-p5j3

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/06/GHSA-978j-88f3-p5j3/GHSA-978j-88f3-p5j3.json

Aliases

• RUSTSEC-2020-0160

Published

2022-06-17T00:18:43Z

Modified

2023-11-08T04:17:45.856172Z

Details

Affected versions of this crate did not properly calculate secret shares requirements.

This reduces the security of the algorithm by restricting the crate to always using a threshold value of three, rather than a configurable limit.

The flaw was corrected by correctly configuring the threshold.

References

• https://github.com/Nebulosus/shamir/issues/3
• https://github.com/Nebulosus/shamir
• https://rustsec.org/advisories/RUSTSEC-2020-0160.html