Description
A vulnerability classified as critical has been found in Zerocoin libzerocoin. Affected is the function CoinSpend::CoinSpend of the file CoinSpend.cpp of the component Proof Handler. The manipulation leads to insufficient verification of data authenticity. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The patch is identified as ce103a09ec079d0a0ed95475992348bed6e860de. It is recommended to apply a patch to fix this issue. VDB-222318 is the identifier assigned to this vulnerability.
References (4)
Core 4
Core References
Patch issue-tracking
https://github.com/Zerocoin/libzerocoin/pull/16
Third Party Advisory vdb-entry
technical-description
https://vuldb.com/?id.222318
Permissions Required, Third Party Advisory signature
permissions-required
https://vuldb.com/?ctiid.222318
Scores
CVSS v3
4.6
EPSS
0.0031
EPSS Percentile
22.1%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Details
CWE
CWE-345
Status
published
Products (1)
zerocoin/libzerocoin
< 2017-11-15
Published
Mar 06, 2023
Tracked Since
Feb 18, 2026