Lucene search

[email protected]NVD:CVE-2020-20178

HistoryMay 24, 2021 - 7:15 p.m.

CVE-2020-20178

2021-05-2419:15:07

[email protected]

web.nvd.nist.gov

ethereum

denial of service

vulnerability

payout function

array

exception

account addresses

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

42.5%

JSON

Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919#code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can make attacks by creating a series of account addresses.

Affected configurations

Nvd

Node

whohas_projectwhohasMatch-

VendorProductVersionCPE
whohas_projectwhohas-cpe:2.3:a:whohas_project:whohas:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
whohas_project	whohas	-	cpe:2.3:a:whohas_project:whohas:-:::::::*

References

etherscan.io/address/0xe933c0cd9784414d5f278c114904f5a84b396919

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

42.5%

JSON

Related for NVD:CVE-2020-20178

cvelist1 nessus1 cbl_mariner1 cve1 prion1 photon2 ubuntucve1