9 matches found
CVE-2026-44697
Klever-Go is the Go implementation of the Klever blockchain protocol. Prior to 1.7.17, a remote, unauthenticated denial-of-service vulnerability in Batch.Decompress data/batch/batch.go allows any peer that participates in a topic served by MultiDataInterceptor to allocate multi-gigabyte heaps on...
Improper Handling of Highly Compressed Data (Data Amplification)
Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification via the Batch.Decompress function. An attacker can cause excessive memory allocation on the receiving node by sending a specially crafted compressed P2P gossip payload,...
Improper Handling of Highly Compressed Data (Data Amplification)
Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification via the Batch.Decompress function. An attacker can cause excessive memory allocation on the receiving node by sending a specially crafted compressed P2P gossip payload,...
CVE-2026-44697
Klever-Go is the Go implementation of the Klever blockchain protocol. Prior to 1.7.17, a remote, unauthenticated denial-of-service vulnerability in Batch.Decompress data/batch/batch.go allows any peer that participates in a topic served by MultiDataInterceptor to allocate multi-gigabyte heaps on...
EUVD-2026-33375
Klever-Go is the Go implementation of the Klever blockchain protocol. Prior to 1.7.17, a remote, unauthenticated denial-of-service vulnerability in Batch.Decompress data/batch/batch.go allows any peer that participates in a topic served by MultiDataInterceptor to allocate multi-gigabyte heaps on...
CVE-2026-44697 Klever-Go MultiDataInterceptor: remote OOM via crafted compressed P2P payload
Klever-Go is the Go implementation of the Klever blockchain protocol. Prior to 1.7.17, a remote, unauthenticated denial-of-service vulnerability in Batch.Decompress data/batch/batch.go allows any peer that participates in a topic served by MultiDataInterceptor to allocate multi-gigabyte heaps on...
CVE-2026-44697
Klever-Go is the Go implementation of the Klever blockchain protocol. Prior to 1.7.17, a remote, unauthenticated denial-of-service vulnerability in Batch.Decompress data/batch/batch.go allows any peer that participates in a topic served by MultiDataInterceptor to allocate multi-gigabyte heaps on...
CVE-2026-44697 Klever-Go MultiDataInterceptor: remote OOM via crafted compressed P2P payload
Klever-Go is the Go implementation of the Klever blockchain protocol. Prior to 1.7.17, a remote, unauthenticated denial-of-service vulnerability in Batch.Decompress data/batch/batch.go allows any peer that participates in a topic served by MultiDataInterceptor to allocate multi-gigabyte heaps on...
Klever Blockchain 安全漏洞
Klever Blockchain is a high-performance blockchain network implemented by Klever in open source. Versions of Klever Blockchain prior to 1.7.17 contained security vulnerabilities. These vulnerabilities stemmed from a remote unauthenticated denial-of-service issue in the Batch.Decompress function...