Lucene search
K

5 matches found

CNNVD
CNNVD
added 2025/10/02 12:0 a.m.5 views

RISC Zero Ethereum 代码注入漏洞

RISC Zero Ethereum is a computing platform open-sourced by RISC Zero. A code injection vulnerability exists in RISC Zero Ethereum that originates from a host that can write to an arbitrary memory location of a visitor using a specially crafted response, which could lead to the execution of...

9.3CVSS7.4AI score0.00432EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/06 12:0 a.m.5 views

RISC Zero Ethereum 数字错误漏洞

RISC Zero Ethereum is a computing platform open-sourced by RISC Zero. A numeric error vulnerability exists in RISC Zero Ethereum versions 2.1.0 and earlier and risc0-circuit-rv32im versions 2.0.4 and earlier, which stems from a signed integer division issue that could result in invalid output...

6.9CVSS6.5AI score0.00371EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/06/25 9:27 p.m.8 views

RISC Zero Ethereum invalid commitment with digest value of zero accepted by Steel.validateCommitment

Impact Prior to 2.1.1 and 2.2.0, the Steel.validateCommitment Solidity library function will return true for a crafted commitment with a digest value of zero. This violates the semantics of validateCommitment, as this does not commitment to a block that is in the current chain. Because the digest...

6.3CVSS7AI score0.00349EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2025/06/24 8:20 p.m.11 views

CVE-2025-52884 risc0-ethereum-contracts allows invalid commitment with digest value of zero to be accepted by Steel.validateCommitment

RISC Zero is a zero-knowledge verifiable general computing platform, with Ethereum integration. The risc0-ethereum repository contains Solidity verifier contracts, Steel EVM view call library, and supporting code. Prior to versions 2.1.1 and 2.2.0, the Steel.validateCommitment Solidity library...

6.3CVSS0.00349EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/06/24 12:0 a.m.5 views

RISC Zero Ethereum 安全漏洞

RISC Zero Ethereum is a computing platform open-sourced by RISC Zero. A security vulnerability exists in RISC Zero Ethereum versions prior to 2.1.1 and 2.2.0, which stems from the Steel.validateCommitment function returning true for a commitment with a summary value of zero, which could lead to a...

6.3CVSS6.3AI score0.00349EPSS
Exploits0References8
Rows per page
Query Builder