5 matches found
RISC Zero Ethereum 代码注入漏洞
RISC Zero Ethereum is a computing platform open-sourced by RISC Zero. A code injection vulnerability exists in RISC Zero Ethereum that originates from a host that can write to an arbitrary memory location of a visitor using a specially crafted response, which could lead to the execution of...
RISC Zero Ethereum 数字错误漏洞
RISC Zero Ethereum is a computing platform open-sourced by RISC Zero. A numeric error vulnerability exists in RISC Zero Ethereum versions 2.1.0 and earlier and risc0-circuit-rv32im versions 2.0.4 and earlier, which stems from a signed integer division issue that could result in invalid output...
RISC Zero Ethereum invalid commitment with digest value of zero accepted by Steel.validateCommitment
Impact Prior to 2.1.1 and 2.2.0, the Steel.validateCommitment Solidity library function will return true for a crafted commitment with a digest value of zero. This violates the semantics of validateCommitment, as this does not commitment to a block that is in the current chain. Because the digest...
CVE-2025-52884 risc0-ethereum-contracts allows invalid commitment with digest value of zero to be accepted by Steel.validateCommitment
RISC Zero is a zero-knowledge verifiable general computing platform, with Ethereum integration. The risc0-ethereum repository contains Solidity verifier contracts, Steel EVM view call library, and supporting code. Prior to versions 2.1.1 and 2.2.0, the Steel.validateCommitment Solidity library...
RISC Zero Ethereum 安全漏洞
RISC Zero Ethereum is a computing platform open-sourced by RISC Zero. A security vulnerability exists in RISC Zero Ethereum versions prior to 2.1.1 and 2.2.0, which stems from the Steel.validateCommitment function returning true for a commitment with a summary value of zero, which could lead to a...