Lucene search

[email protected]NVD:CVE-2023-36184

HistorySep 08, 2023 - 2:15 a.m.

CVE-2023-36184

2023-09-0802:15:08

CWE-787

[email protected]

web.nvd.nist.gov

cmysten labs

sui blockchain

v1.2.0

stack overflow

openrpc.json

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

20.5%

JSON

CMysten Labs Sui blockchain v1.2.0 was discovered to contain a stack overflow via the component /spec/openrpc.json.

Affected configurations

NVD

Node

aptosfoundationaptosRange<1.4.3

move_projectmoveMatch-

mystenlabssuiRange<1.2.1

References

github.com/aptos-labs/aptos-core/commit/47a0391c612407fe0b1051ef658a29e35d986963

github.com/move-language/move/issues/1059

github.com/MystenLabs/sui/commit/8b681515c0cf435df2a54198a28ab4ef574d202b

medium.com/%40Beosin_com/critical-vulnerability-in-move-vm-can-cause-total-network-shutdown-and-potential-hard-fork-in-sui-49d0d942801c

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

20.5%

JSON

Related for NVD:CVE-2023-36184

prion1 osv1 cvelist1 cve1