Retour au portail de sécurité
XSS in Trezor Connect
Signalé sur August 3, 2020
In August 2020, we were contacted by Gamer7112, a security researcher, who reported XSS issues in Trezor Connect. The issues were fixed and deployed to production shortly after.
Trezor Connect
Vulnérabilités résolues
Signalé par la communauté. Examiné. Résolu. Parce que votre sécurité n’est jamais optionnelle.
- Donjon's Trezor Safe 3 evaluationNovember 12, 2024
- Missing confirmation in the ECDHSessionKey callNovember 26, 2023
- XSS in Trezor Connect legacy versionsFebruary 7, 2023
- Insufficient field size check in ProtobufJuly 12, 2021
- Missing path isolation checkJuly 14, 2020
- Malicious change in mixed transactionsMarch 7, 2020