Lucene search
+L

4 matches found

osv
osv
added 2026/05/21 4:53 p.m.8 views

GHSA-JC6W-WMFC-FH33 Klever-Go KVM read-only execution can commit contract delete and upgrade side effects

Publisher note Fixed in v1.7.17. Operators running v1.7.17 should upgrade. Contract delete and upgrade host-core paths now reject execution when runtime.ReadOnly is true. The invariant is regression-tested for delete, upgrade, storage writes, value transfers, and any VM output field that can late...

6.3CVSS6AI score0.00057EPSS
Exploits0References4
github
github
added 2026/05/21 4:53 p.m.15 views

Klever-Go KVM read-only execution can commit contract delete and upgrade side effects

Publisher note Fixed in v1.7.17. Operators running v1.7.17 should upgrade. Contract delete and upgrade host-core paths now reject execution when runtime.ReadOnly is true. The invariant is regression-tested for delete, upgrade, storage writes, value transfers, and any VM output field that can late...

6AI score0.00057EPSS
Exploits0References4Affected Software1
ptsecurity
ptsecurity
added 2026/05/21 12:0 a.m.14 views

PT-2026-42661

Name of the Vulnerable Software and Affected Versions klever-go versions prior to 1.7.17 Description KVM read-only execution fails to properly isolate state-changing operations. The ExecuteReadOnlyWithTypedArguments function sets the runtime to read-only mode, but the host-core paths for contract...

6.3CVSS6AI score0.00057EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/05/21 12:0 a.m.11 views

PT-2026-42630

Publisher note Fixed in v1.7.17. Operators running v1.7.17 should upgrade. Contract delete and upgrade host-core paths now reject execution when runtime.ReadOnly is true. The invariant is regression-tested for delete, upgrade, storage writes, value transfers, and any VM output field that can late...

6.3CVSS6AI score
Exploits0References5
Rows per page
Query Builder