RSS   Vulnerabilities for 'Zcashd'   RSS

2021-02-05
 
CVE-2020-8807

NVD-CWE-Other
 

 
In Electric Coin Company Zcashd before 2.1.1-1, the time offset between messages could be leveraged to obtain sensitive information about the relationship between a suspected victim's address and an IP address, aka a timing side channel.

 
 
CVE-2020-8806

CWE-863
 

 
Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. A valid chain could be incorrectly rejected because timestamp requirements on block headers were not properly enforced.

 


Copyright 2024, cxsecurity.com

 

Back to Top