漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Zebra node crash — V5 transaction hash panic (P2P reachable)
Vulnerability Description
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-chain version 6.0.1, a vulnerability in Zebra's transaction processing logic allows a remote, unauthenticated attacker to cause a Zebra node to panic (crash). This is triggered by sending a specially crafted V5 transaction that passes initial deserialization but fails during transaction ID calculation. This issue has been patched in zebrad version 4.3.0 and zebra-chain version 6.0.1.
CVSS Information
N/A
Vulnerability Type
CWE-1336
Vulnerability Title
zebra 安全漏洞
Vulnerability Description
zebra是Zcash Foundation开源的一个用Rust编写的Zcash全节点实现。 zebra存在安全漏洞,该漏洞源于Zebra的交易处理逻辑存在漏洞,可能导致远程未经身份验证的攻击者通过发送特制的V5交易使Zebra节点崩溃。
CVSS Information
N/A
Vulnerability Type
N/A