Ledger Bitcoin App
Approved changes feed: RSS · Atom
cpe:2.3:a:ledger:ledger_bitcoin_app:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Ledger (75750f49-f7db-5ac7-94df-754d699d4fd7) |
|---|---|
| Product | Ledger Bitcoin App (9a95cee4-d9d0-5cdb-84e4-5c349c58e7cc) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-7346 |
vulnerable | 2026-06-08 06:21:57.626354 |
Ledger Bitcoin App 2.1.0 Address Derivation Error via Miniscript
MEDIUM (4)
Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of miniscript policies containing the a: fragment. Attackers can craft malicious miniscript policies that cause the device to derive and display incorrect receiving addresses, potentially leading to funds being sent to unintended addresses.
Published: 2026-05-20T14:13:22.344Z
Updated: 2026-05-20T15:31:29.002Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.