Lucene search

K

Ethermint Security Vulnerabilities

cve
cve

CVE-2022-35936

Ethermint is an Ethereum library. In Ethermint running versions before v0.17.2, the contract selfdestruct invocation permanently removes the corresponding bytecode from the internal database storage. However, due to a bug in the DeleteAccountfunction, all contracts that used the identical bytecode....

8.2CVSS

5.1AI Score

0.001EPSS

2022-08-05 01:15 PM
42
7
cve
cve

CVE-2021-43839

Cronos is a commercial implementation of a blockchain. In Cronos nodes running versions before v0.6.5, it is possible to take transaction fees from Cosmos SDK's FeeCollector for the current block by sending a custom crafted MsgEthereumTx. This problem has been patched in Cronos v0.6.5. There are...

7.5CVSS

7.4AI Score

0.001EPSS

2021-12-21 05:15 PM
36
cve
cve

CVE-2021-25835

Cosmos Network Ethermint <= v0.4.0 is affected by a cross-chain transaction replay vulnerability in the EVM module. Since ethermint uses the same chainIDEpoch and signature schemes with ethereum for compatibility, a verified signature in ethereum is still valid in ethermint with the same msg...

7.5CVSS

7.5AI Score

0.001EPSS

2021-02-08 06:15 PM
19
cve
cve

CVE-2021-25834

Cosmos Network Ethermint <= v0.4.0 is affected by a transaction replay vulnerability in the EVM module. If the victim sends a very large nonce transaction, the attacker can replay the transaction through the...

7.5CVSS

7.4AI Score

0.001EPSS

2021-02-08 06:15 PM
21
cve
cve

CVE-2021-25837

Cosmos Network Ethermint <= v0.4.0 is affected by cache lifecycle inconsistency in the EVM module. Due to the inconsistency between the Storage caching cycle and the Tx processing cycle, Storage changes caused by a failed transaction are improperly reserved in memory. Although the bad storage...

7.5CVSS

7.4AI Score

0.001EPSS

2021-02-08 06:15 PM
20
3
cve
cve

CVE-2021-25836

Cosmos Network Ethermint <= v0.4.0 is affected by cache lifecycle inconsistency in the EVM module. The bytecode set in a FAILED transaction wrongfully remains in memory(stateObject.code) and is further written to persistent store at the Endblock stage, which may be utilized to build honeypot...

7.5CVSS

7.4AI Score

0.001EPSS

2021-02-08 06:15 PM
19