
8 matches found

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2022-3638

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.5 | EPSS 0.0042
Exploits 0 | References 5

Veracode
added 2022/05/25 4:17 a.m. | 20 views

Denial Of Service (DoS)

@chainsafe/lodestar is vulnerable to denial of service. The vulnerability exists because the library uses the uint64 values as native javascript numbers, allowing an attacker to crash the application by providing large uint64 values greater than 2^53 through the maliciously-crafted AttesterSlashi...

CVSS 7.5 | AI score 7.1 | EPSS 0.0042
Exploits 0 | References 4 | Affected Software 1

Github Security Blog
added 2022/05/24 10:21 p.m. | 21 views

AttesterSlashing number overflow

Impact: Possible consensus split given maliciously-crafted AttesterSlashing or ProposerSlashing being included on-chain. Since we represent uint64 values as native javascript numbers, there is an issue when those variables with large greater than 2^53 uint64 values are included on chain. In those...

CVSS 7.5 | AI score 7.2 | EPSS 0.0042
Exploits 0 | References 5 | Affected Software 1

NVD
added 2022/05/24 3:15 p.m. | 8 views

CVE-2022-29219

Lodestar is a TypeScript implementation of the Ethereum Consensus specification. Prior to version 0.36.0, there is a possible consensus split given maliciously-crafted AttesterSlashing or ProposerSlashing being included on-chain. Because the developers represent uint64 values as native javascript...

CVSS 7.5 | EPSS 0.0042
Exploits 0 | References 3

Prion
added 2022/05/24 3:15 p.m. | 9 views

Code injection

Lodestar is a TypeScript implementation of the Ethereum Consensus specification. Prior to version 0.36.0, there is a possible consensus split given maliciously-crafted AttesterSlashing or ProposerSlashing being included on-chain. Because the developers represent uint64 values as native javascript...

CVSS 5 | AI score 7.5 | EPSS 0.0042
Exploits 0 | References 3 | Affected Software 1

OSV
added 2022/05/24 2:15 p.m. | 16 views

CVE-2022-29219 Integer Overflow in Lodestar

Lodestar is a TypeScript implementation of the Ethereum Consensus specification. Prior to version 0.36.0, there is a possible consensus split given maliciously-crafted AttesterSlashing or ProposerSlashing being included on-chain. Because the developers represent uint64 values as native javascript...

CVSS 7.5 | AI score 7.4 | EPSS 0.0042
Exploits 0 | References 5

Cvelist
added 2022/05/24 2:15 p.m. | 9 views

CVE-2022-29219 Integer Overflow in Lodestar

Lodestar is a TypeScript implementation of the Ethereum Consensus specification. Prior to version 0.36.0, there is a possible consensus split given maliciously-crafted AttesterSlashing or ProposerSlashing being included on-chain. Because the developers represent uint64 values as native javascript...

CVSS 7.5 | AI score 7.7 | EPSS 0.0042
Exploits 0 | References 3

CVE
added 2022/05/24 2:15 p.m. | 79 views

CVE-2022-29219

Lodestar (TypeScript Ethereum Consensus) before v0.36.0 is vulnerable due to using native JavaScript numbers for uint64 values in AttesterSlashing/ProposerSlashing, causing rounding errors for large values (>2^53). This can yield consensus splits or valid Slashing being treated as invalid, pot...

CVSS 7.5 | AI score 7.4 | EPSS 0.0042
Exploits 0 | References 3 | Affected Software 1