Zurück zum Sicherheitsportal
Malicious change in mixed transactions
Gemeldet auf March 7, 2020
A specially crafted multisig transaction could leverage a inconsistent sanitization of inputs to include a change output of an attacker, which wasn't confirmed by the user.
Gemeldet durch Saleem Rashid
Behobene Sicherheitslücken
Gemeldet durch Community. Untersucht. Gelöst. Weil deine Sicherheit nie optional ist.
- Inability to cancel certain flows on pre-production firmware31. Oktober 2025
- Fix side-channel in BIP-39 mnemonic processing when unlocked24. September 2025
- Donjon's Trezor Safe 3 evaluation12. November 2024
- Missing confirmation in the ECDHSessionKey call26. November 2023
- XSS in Trezor Connect legacy versions7. Februar 2023
- Insufficient field size check in Protobuf12. Juli 2021