10 matches found
EUVD-2025-18117
Malicious code in bioql PyPI...
GHSA-79XG-Q4QM-7V9W CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error
CWA-2025-006: Improper error handling may lead to IBC channel opening despite error Severity High Considerable + Likely^1 Affected versions: - wasmd 0.60.0 - wasmd = 0.51.0 0.55.1 Patched versions: - wasmd 0.60.1, 0.55.1, 0.54.1, 0.53.3 Description of the bug A contract erroring during IBC channe...
CWA-2025-006: wasmd's improper error handling may lead to IBC channel opening despite error
CWA-2025-006: Improper error handling may lead to IBC channel opening despite error Severity High Considerable + Likely^1 Affected versions: - wasmd 0.60.0 - wasmd = 0.51.0 0.55.1 Patched versions: - wasmd 0.60.1, 0.55.1, 0.54.1, 0.53.3 Description of the bug A contract erroring during IBC channe...
Deserialization of Untrusted Data
Overview github.com/cosmos/ibc-go/modules/core/04-channel/keeper is an interblockchain communication protocol IBC implementation in Golang built as a SDK module. Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to inconsistencies in the deserialization...
Deserialization of Untrusted Data
Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to inconsistencies in the deserialization process of acknowledgments, leading to non-deterministic behavior that can halt a blockchain network. Note: This is only exploitable if the attacker has the...
Deserialization of Untrusted Data
Overview github.com/cosmos/ibc-go/v10/modules/core/04-channel/keeper is an interblockchain communication protocol IBC implementation in Golang built as a SDK module. Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to inconsistencies in the deserialization...
Deserialization of Untrusted Data
Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to inconsistencies in the deserialization process of acknowledgments, leading to non-deterministic behavior that can halt a blockchain network. Note: This is only exploitable if the attacker has the...
GHSA-JG6F-48FF-5XRW IBC-Go has Non-deterministic JSON Unmarshalling of IBC Acknowledgement
Name: ASA-2025-004: Non-deterministic JSON Unmarshalling of IBC Acknowledgement can result in a chain halt Component: IBC-Go Criticality: Critical Considerable Impact; Almost Certain Likelihood per ACMv1.2 Affected versions: IBC-Go = v7; Earlier IBC-Go versions may also be affected. Affected user...
PT-2025-9199 · Ibc-Go · Ibc-Go
Name of the Vulnerable Software and Affected Versions: IBC-Go versions 7 and later Description: An issue was discovered in IBC-Go's deserialization of acknowledgements, resulting in non-deterministic behavior that can halt a chain. Any user who can open an IBC channel can introduce this state to...
Design/Logic Flaw
Lightning Network Daemon lnd is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version v0.15.4 are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments a...