18 matches found
EUVD-2022-6882
Malicious code in bioql PyPI...
EUVD-2022-7694
Malicious code in bioql PyPI...
CVE-2022-46173
The CVE-2022-46173 entry affects Elrond-GO prior to version 1.3.50. A processing issue occurred when handling a cross-shard relayed transaction that included smart contract deploy data, caused by a mis-correlation between transaction caches and the processing component. If such a transaction used...
CVE-2022-46173 Elrond go Processing: fallback search of SCRs when not found in the main cache
Elrond-GO is a go implementation for the Elrond Network protocol. Versions prior to 1.3.50 are subject to a processing issue where nodes are affected when trying to process a cross-shard relayed transaction with a smart contract deploy transaction data. The problem was a bad correlation between t...
Incorrect Resource Transfer Between Spheres
Elrond-GO is a go implementation for the Elrond Network protocol. Versions prior to 1.3.50 are subject to a processing issue where nodes are affected when trying to process a cross-shard relayed transaction with a smart contract deploy transaction data. The problem was a bad correlation between t...
CVE-2022-36061
Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.35, read only calls between contracts can generate smart contracts results. For example, if contract A calls in read only mode contract B and the called function will make changes upon the contract's B...
Code injection
Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.35, read only calls between contracts can generate smart contracts results. For example, if contract A calls in read only mode contract B and the called function will make changes upon the contract's B...
CVE-2022-36061
CVE-2022-36061 (Elrond-go) affects the Go implementation of the Elrond Network. In versions prior to 1.3.35, read‑only contract calls can produce smart contract results and alter the state of the callee (contract B) as if the call were not read‑only. This violates read‑only semantics and can caus...
CVE-2022-36061 Elrond go can execute on same context checks in VM
Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.35, read only calls between contracts can generate smart contracts results. For example, if contract A calls in read only mode contract B and the called function will make changes upon the contract's B...
CVE-2022-36061 Elrond go can execute on same context checks in VM
Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.35, read only calls between contracts can generate smart contracts results. For example, if contract A calls in read only mode contract B and the called function will make changes upon the contract's B...
CVE-2022-36058
Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.34, anyone who uses elrond-go to process blocks historical or actual could encounter a MultiESDTNFTTransfer transaction like this: MultiESDTNFTTransfer with a missing function name. Basic functionality li...
Design/Logic Flaw
Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.34, anyone who uses elrond-go to process blocks historical or actual could encounter a MultiESDTNFTTransfer transaction like this: MultiESDTNFTTransfer with a missing function name. Basic functionality li...
CVE-2022-36058 elrond-go MultiESDTNFTTransfer call on a SC address with missing function name
Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.34, anyone who uses elrond-go to process blocks historical or actual could encounter a MultiESDTNFTTransfer transaction like this: MultiESDTNFTTransfer with a missing function name. Basic functionality li...
CVE-2022-36058
Elrond-go (github.com/ElrondNetwork/elrond-go) prior to version 1.3.34 is affected by CVE-2022-36058 due to a MultiESDTNFTTransfer call with a missing function name in SC addresses. The issue is confirmed in multiple sources (Red Hat, NVD, OSV, GHSA) and is triggered when processing certain Multi...
CVE-2022-36058 elrond-go MultiESDTNFTTransfer call on a SC address with missing function name
Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.34, anyone who uses elrond-go to process blocks historical or actual could encounter a MultiESDTNFTTransfer transaction like this: MultiESDTNFTTransfer with a missing function name. Basic functionality li...
Improper Input Validation
Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.34, anyone who uses elrond-go to process blocks historical or actual could encounter a MultiESDTNFTTransfer transaction like this: MultiESDTNFTTransfer with a missing function name. Basic functionality li...
Improper Initialization
Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.35, read only calls between contracts can generate smart contracts results. For example, if contract A calls in read only mode contract B and the called function will make changes upon the contract's B...
Elrond go 安全漏洞
Elrond go is an open source go implementation of the Elrond Network protocol by Elrond Network. Elrond go version 1.3.35 before a security vulnerability , the vulnerability stems from the read-only calls between contracts can generate smart contract results...