HistoryEdit

RUSTSEC-2020-0160

Threshold value is ignored (all shares are n=3)

Reported
Issued
Package
shamir (crates.io)
Type
Vulnerability
Categories
Details
https://github.com/Nebulosus/shamir/issues/3
Patched
  • >=2.0.0

Description

Affected versions of this crate did not properly calculate secret shares requirements.

This reduces the security of the algorithm by restricting the crate to always using a threshold value of three, rather than a configurable limit.

The flaw was corrected by correctly configuring the threshold.