CVE-2023-35163 Vega's validators able to submit duplicate transactions

Vega is a decentralized trading platform that allows pseudo-anonymous trading of derivatives on a blockchain. Prior to version 0.71.6, a vulnerability exists that allows a malicious validator to trick the Vega network into re-processing past Ethereum events from Vega’s Ethereum bridge. For exampl...

PT-2023-25174 · Vega · Vega

Name of the Vulnerable Software and Affected Versions: Vega versions prior to 0.71.6 Description: A vulnerability exists that allows a malicious validator to trick the Vega network into re-processing past Ethereum events from Vega’s Ethereum bridge. For example, a deposit to the collateral bridge...