Lucene search
HistoryJun 17, 2024 - 2:15 p.m.
CVE-2024-37159
evmos
ethereum virtual machine
cosmos network
validator
vested tokens
3.5 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
0.0004 Low
EPSS
Percentile
9.1%
Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. This vulnerability allowed a user to create a validator using vested tokens to deposit the self-bond. This vulnerability is fixed in 18.0.0.
Related
cve
cve
CVE-2024-37159
2024-06-17 14:15:10
cvelist
cvelist
CVE-2024-37159 Evmos is missing create validator check
2024-06-17 14:03:29
veracode
veracode
Improper Authorization
2024-06-18 08:26:20
osv
osv
evmos allows transferring unvested tokens after delegations
2024-06-06 18:21:05
evmos allows transferring unvested tokens after delegations in github.com/evmos/evmos/v10
2024-06-14 13:41:08
CVE-2024-37158
2024-06-17 14:15:10
3.5 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
0.0004 Low
EPSS
Percentile
9.1%
Related for NVD:CVE-2024-37159