Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-19064

Malicious code in bioql PyPI...

6.3CVSS6.4AI score0.00349EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/06/26 9:19 p.m.10 views

CVE-2025-52884

RISC Zero is a zero-knowledge verifiable general computing platform, with Ethereum integration. The risc0-ethereum repository contains Solidity verifier contracts, Steel EVM view call library, and supporting code. Prior to versions 2.1.1 and 2.2.0, the Steel.validateCommitment Solidity library...

6.3CVSS6.2AI score0.00349EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/06/25 9:27 p.m.9 views

RISC Zero Ethereum invalid commitment with digest value of zero accepted by Steel.validateCommitment

Impact Prior to 2.1.1 and 2.2.0, the Steel.validateCommitment Solidity library function will return true for a crafted commitment with a digest value of zero. This violates the semantics of validateCommitment, as this does not commitment to a block that is in the current chain. Because the digest...

6.3CVSS7AI score0.00349EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2025/06/25 9:27 p.m.5 views

GHSA-GJV3-89HH-9XQ2 RISC Zero Ethereum invalid commitment with digest value of zero accepted by Steel.validateCommitment

Impact Prior to 2.1.1 and 2.2.0, the Steel.validateCommitment Solidity library function will return true for a crafted commitment with a digest value of zero. This violates the semantics of validateCommitment, as this does not commitment to a block that is in the current chain. Because the digest...

6.3CVSS7AI score0.00349EPSS
Exploits0References9
NVD
NVD
added 2025/06/24 9:15 p.m.6 views

CVE-2025-52884

RISC Zero is a zero-knowledge verifiable general computing platform, with Ethereum integration. The risc0-ethereum repository contains Solidity verifier contracts, Steel EVM view call library, and supporting code. Prior to versions 2.1.1 and 2.2.0, the Steel.validateCommitment Solidity library...

6.3CVSS0.00349EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/06/24 8:20 p.m.3 views

CVE-2025-52884 risc0-ethereum-contracts allows invalid commitment with digest value of zero to be accepted by Steel.validateCommitment

RISC Zero is a zero-knowledge verifiable general computing platform, with Ethereum integration. The risc0-ethereum repository contains Solidity verifier contracts, Steel EVM view call library, and supporting code. Prior to versions 2.1.1 and 2.2.0, the Steel.validateCommitment Solidity library...

6.3CVSS7AI score0.00349EPSS
Exploits0References7
CVE
CVE
added 2025/06/24 8:20 p.m.21 views

CVE-2025-52884

CVE-2025-52884 (RISC Zero Ethereum) affects the risc0-ethereum project where the Solidity library function Steel.validateCommitment incorrectly returns true for a crafted commitment with a digest value of zero prior to versions 2.1.1 and 2.2.0. This violates the semantics of validateCommitment, a...

6.3CVSS7AI score0.00349EPSS
Exploits0References7
OSV
OSV
added 2025/06/24 8:20 p.m.6 views

CVE-2025-52884 risc0-ethereum-contracts allows invalid commitment with digest value of zero to be accepted by Steel.validateCommitment

RISC Zero is a zero-knowledge verifiable general computing platform, with Ethereum integration. The risc0-ethereum repository contains Solidity verifier contracts, Steel EVM view call library, and supporting code. Prior to versions 2.1.1 and 2.2.0, the Steel.validateCommitment Solidity library...

6.3CVSS6.5AI score0.00349EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/06/24 12:0 a.m.5 views

PT-2025-26784 · Risc Zero +1 · Risc Zero +1

Name of the Vulnerable Software and Affected Versions: RISC Zero versions prior to 2.1.1 and 2.2.0 Description: The issue concerns the Steel.validateCommitment Solidity library function, which returns true for a crafted commitment with a digest value of zero. This violates the function's semantic...

6.3CVSS6.2AI score0.00349EPSS
Exploits0References15
Rows per page
Query Builder