Vulnerabilities

CVE-2019-16992

by Fred · 29/09/2019

The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user’s private key to sign a certain cryptocurrency attestation (that an address at keybase.io can be used for Stellar payments to the user), which might be incompatible with a user’s personal position on the semantics of an attestation.

Date published : 2019-09-29

https://github.com/keybase/keybase-issues/issues/3583

https://sneak.berlin/20190929/keybase-backdoor/

Related

Tags: Cybersecurity Alert