VYPR

crates.io package

nimiq-transaction

pkg:cargo/nimiq-transaction

Vulnerabilities (2)

  • CVE-2026-34068MedApr 22, 2026
    affected <= 0.2.0

    nimiq-transaction provides the transaction primitive to be used in Nimiq's Rust implementation. Prior to version 1.3.0, the staking contract accepts `UpdateValidator` transactions that set `new_voting_key=Some(...)` while omitting `new_proof_of_knowledge`. this skips the proof-of

  • CVE-2026-34067LowApr 22, 2026
    affected <= 0.2.0

    nimiq-transaction provides the transaction primitive to be used in Nimiq's Rust implementation. Prior to version 1.3.0, `HistoryTreeProof::verify` panics on a malformed proof where `history.len() != positions.len()` due to `assert_eq!(history.len(), positions.len())`. The proof o