35 matches found
EUVD-2022-6683
Malicious code in bioql PyPI...
EUVD-2021-8681
Malicious code in bioql PyPI...
EUVD-2025-13881
Malicious code in bioql PyPI...
CVE-2021-21369
Hyperledger Besu is an open-source, MainNet compatible, Ethereum client written in Java. In Besu before version 1.5.1 there is a denial-of-service vulnerability involving the HTTP JSON-RPC API service. If username and password authentication is enabled for the HTTP JSON-RPC API service, then prio...
CVE-2025-30147
Besu Native contains scripts and tooling that is used to build and package the native libraries used by the Ethereum client Hyperledger Besu. Besu 24.7.1 through 25.2.2, corresponding to besu-native versions 0.9.0 through 1.2.1, have a potential consensus bug for the precompiles ALTBN128ADD 0x06,...
CVE-2025-30147
Besu Native contains scripts and tooling that is used to build and package the native libraries used by the Ethereum client Hyperledger Besu. Besu 24.7.1 through 25.2.2, corresponding to besu-native versions 0.9.0 through 1.2.1, have a potential consensus bug for the precompiles ALTBN128ADD 0x06,...
CVE-2025-30147 ALTBN128_ADD, ALTBN128_MUL, ALTBN128_PAIRING precompile functions do not check if points are on curve
Besu Native contains scripts and tooling that is used to build and package the native libraries used by the Ethereum client Hyperledger Besu. Besu 24.7.1 through 25.2.2, corresponding to besu-native versions 0.9.0 through 1.2.1, have a potential consensus bug for the precompiles ALTBN128ADD 0x06,...
CVE-2025-30147 ALTBN128_ADD, ALTBN128_MUL, ALTBN128_PAIRING precompile functions do not check if points are on curve
Besu Native contains scripts and tooling that is used to build and package the native libraries used by the Ethereum client Hyperledger Besu. Besu 24.7.1 through 25.2.2, corresponding to besu-native versions 0.9.0 through 1.2.1, have a potential consensus bug for the precompiles ALTBN128ADD 0x06,...
CVE-2025-30147 ALTBN128_ADD, ALTBN128_MUL, ALTBN128_PAIRING precompile functions do not check if points are on curve
Besu Native contains scripts and tooling that is used to build and package the native libraries used by the Ethereum client Hyperledger Besu. Besu 24.7.1 through 25.2.2, corresponding to besu-native versions 0.9.0 through 1.2.1, have a potential consensus bug for the precompiles ALTBN128ADD 0x06,...
CVE-2025-30147
Hyperledger Besu relies on besu-native to implement ALTBN128_ADD, ALTBN128_MUL, and ALTBN128_PAIRING precompiles. From Besu 24.7.1 through 25.2.2 (besu-native 0.9.0–1.2.1), a consensus bug could arise because the gnark-crypto bn254 implementation used for these precompiles did not perform proper ...
PT-2025-20289 · Hyperledger · Hyperledger Besu +1
Name of the Vulnerable Software and Affected Versions: Hyperledger Besu versions 24.7.1 through 25.2.2 besu-native versions 0.9.0 through 1.2.1 Description: The issue concerns a potential consensus bug in the precompiles ALTBN128 ADD 0x06, ALTBN128 MUL 0x07, and ALTBN128 PAIRING 0x08 due to the u...
Hyperledger Besu 安全漏洞
Hyperledger Besu is a Hyperledger open source application. It is used to run, maintain, debug and monitor nodes in the Ethernet network. A security vulnerability exists in Hyperledger Besu versions 24.7.1 through 25.2.2, which stems from a precompiled implementation issue that could lead to a...
CVE-2022-36025
Besu is a Java-based Ethereum client. In versions newer than 22.1.3 and prior to 22.7.1, Besu is subject to an Incorrect Conversion between Numeric Types. An error in 32 bit signed and unsigned types in the calculation of available gas in the CALL operations including DELEGATECALL results in...
CVE-2022-36025
Besu is a Java-based Ethereum client. In versions newer than 22.1.3 and prior to 22.7.1, Besu is subject to an Incorrect Conversion between Numeric Types. An error in 32 bit signed and unsigned types in the calculation of available gas in the CALL operations including DELEGATECALL results in...
Code injection
Besu is a Java-based Ethereum client. In versions newer than 22.1.3 and prior to 22.7.1, Besu is subject to an Incorrect Conversion between Numeric Types. An error in 32 bit signed and unsigned types in the calculation of available gas in the CALL operations including DELEGATECALL results in...
CVE-2022-36025 Incorrect Conversion between Numeric Types in Besu Ethereum Client
Besu is a Java-based Ethereum client. In versions newer than 22.1.3 and prior to 22.7.1, Besu is subject to an Incorrect Conversion between Numeric Types. An error in 32 bit signed and unsigned types in the calculation of available gas in the CALL operations including DELEGATECALL results in...
CVE-2022-36025
Besu (Java-based Ethereum client) contains a numeric conversion bug in gas calculation for CALL/DELEGATECALL, affecting versions after 22.1.3 and before 22.7.1. The error in 32-bit signed/unsigned arithmetic can pass incorrect gas to called contracts and return gas, potentially causing a differin...
CVE-2022-36025 Incorrect Conversion between Numeric Types in Besu Ethereum Client
Besu is a Java-based Ethereum client. In versions newer than 22.1.3 and prior to 22.7.1, Besu is subject to an Incorrect Conversion between Numeric Types. An error in 32 bit signed and unsigned types in the calculation of available gas in the CALL operations including DELEGATECALL results in...
CVE-2022-36025 Incorrect Conversion between Numeric Types in Besu Ethereum Client
Besu is a Java-based Ethereum client. In versions newer than 22.1.3 and prior to 22.7.1, Besu is subject to an Incorrect Conversion between Numeric Types. An error in 32 bit signed and unsigned types in the calculation of available gas in the CALL operations including DELEGATECALL results in...
Hyperledger Besu 安全漏洞
Hyperledger Besu is an open source application from Hyperledger. It is used to run, maintain, debug and monitor nodes in the Ethernet network. A security vulnerability exists in Hyperledger Besu versions prior to 22.1.3 through 22.7.1, which stems from an error in its 32-bit signed and unsigned...