You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The lack of signature range checks can lead to unauthorized actions.
Impact
This vulnerability could enable unauthorized actions
Description
An attacker can forge signatures on any message, allowing them to bypass signature verification on the Stark Bank platform. This vulnerability could enable unauthorized actions, such as sending payments and transferring funds, by impersonating any user. Additionally, this flaw may pose risks to other users and projects relying on these libraries, potentially leading to wider, unforeseen security impacts.
[(https://github.com/starkbank/sdk-google-sheets/blob/852b45335e555f17fef489a36e85edb0c96a4c42/src/ecdsa.js#L13)]
To mitigate this issue
Credit
The vulnerability was discovered by chao jie xiong([email protected])
The text was updated successfully, but these errors were encountered:
Summary
The lack of signature range checks can lead to unauthorized actions.
Impact
This vulnerability could enable unauthorized actions
Description
An attacker can forge signatures on any message, allowing them to bypass signature verification on the Stark Bank platform. This vulnerability could enable unauthorized actions, such as sending payments and transferring funds, by impersonating any user. Additionally, this flaw may pose risks to other users and projects relying on these libraries, potentially leading to wider, unforeseen security impacts.
[(https://github.com/starkbank/sdk-google-sheets/blob/852b45335e555f17fef489a36e85edb0c96a4c42/src/ecdsa.js#L13)]
To mitigate this issue
Credit
The vulnerability was discovered by chao jie xiong([email protected])
The text was updated successfully, but these errors were encountered: