CVE-2019-16992

Name of the Vulnerable Software and Affected Versions Keybase app version 2.13.2 for iOS

Description The issue concerns potentially insufficient notice that the app is using a user's private key to sign a cryptocurrency attestation for Stellar payments. This might be incompatible with a user's personal position on the semantics of an attestation.

Recommendations For Keybase app version 2.13.2, consider reviewing the app's settings and documentation to understand how it handles private keys and cryptocurrency attestations, and adjust usage accordingly to align with personal preferences on attestation semantics. At the moment, there is no information about a newer version that contains a fix for this vulnerability.