CVE-2023-35163 Vega's validators able to submit duplicate transactions

Vega is a decentralized trading platform that allows pseudo-anonymous trading of derivatives on a blockchain. Prior to version 0.71.6, a vulnerability exists that allows a malicious validator to trick the Vega network into re-processing past Ethereum events from Vega’s Ethereum bridge. For exampl...

GHSA-8RC9-VXJH-QJF2 Vega's validators able to submit duplicate transactions

A vulnerability exists that allows a malicious validator to trick the Vega network into re-processing past Ethereum events from Vega’s Ethereum bridge. For example, a deposit to the collateral bridge for 100USDT that credits a party’s general account on Vega, can be re-processed 50 times resultin...

PT-2023-25174 · Vega · Vega

Name of the Vulnerable Software and Affected Versions: Vega versions prior to 0.71.6 Description: A vulnerability exists that allows a malicious validator to trick the Vega network into re-processing past Ethereum events from Vega’s Ethereum bridge. For example, a deposit to the collateral bridge...

UBUNTU-CVE-2015-8559

The knife bootstrap command in chef Infra client before version 15.4.45 leaks the validator.pem private RSA key to /var/log/messages...