Incorrect Default Permissions
The keygen protocol implementation in Binance tss-lib before 1.2.0 allows attackers to generate crafted h1 and h2 parameters in order to compromise a signing round or obtain sensitive information from other parties.
Advisories for Golang/Github.com/Binance-Chain/Tss-Lib/Ecdsa/Keygen package
2021