Lucene search
GitHub_MCVELIST:CVE-2024-37159HistoryJun 17, 2024 - 2:03 p.m.
CVE-2024-37159 Evmos is missing create validator check
2024-06-1714:03:29
CWE-285
GitHub_M
www.cve.org
1
evmos
validator
vulnerability
fixed
18.0.0
3.5 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
0.0004 Low
EPSS
Percentile
9.1%
Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. This vulnerability allowed a user to create a validator using vested tokens to deposit the self-bond. This vulnerability is fixed in 18.0.0.
CNA Affected
[
{
"vendor": "evmos",
"product": "evmos",
"versions": [
{
"version": "< 18.0.0",
"status": "affected"
}
]
}
]Related
cve
cve
CVE-2024-37159
2024-06-17 14:15:10
nvd
nvd
CVE-2024-37159
2024-06-17 14:15:10
veracode
veracode
Improper Authorization
2024-06-18 08:26:20
osv
osv
evmos allows transferring unvested tokens after delegations
2024-06-06 18:21:05
evmos allows transferring unvested tokens after delegations in github.com/evmos/evmos/v10
2024-06-14 13:41:08
CVE-2024-37158
2024-06-17 14:15:10
3.5 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2024-37159