CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-12118

The keygen protocol implementation in Binance tss-lib before 1.2.0 allows attackers to generate crafted h1 and h2 parameters in order to compromise a signing round or obtain sensitive information from other parties.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.4%

CVSS Severity

CVSS v3 Score 8.2

CVSS v2 Score 6.4

References

https://github.com/binance-chain/tss-lib/pull/89
https://github.com/binance-chain/tss-lib/releases/tag/v1.2.0
https://github.com/binance-chain/tss-lib/pull/89
https://github.com/binance-chain/tss-lib/releases/tag/v1.2.0

Products affected by CVE-2020-12118

Binance » Tss-Lib » Version: 1.0.0

cpe:2.3:a:binance:tss-lib:1.0.0
Binance » Tss-Lib » Version: 1.1.0

cpe:2.3:a:binance:tss-lib:1.1.0
Binance » Tss-Lib » Version: 1.1.1

cpe:2.3:a:binance:tss-lib:1.1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-12118

Products

Pricing

Contact Us