CVE-2023-34450 CometBFT PeerState JSON serialization deadlock

CometBFT is a Byzantine Fault Tolerant BFT middleware that takes a state transition machine and replicates it on many machines. An internal modification made in versions 0.34.28 and 0.37.1 to the way struct PeerState is serialized to JSON introduced a deadlock when new function MarshallJSON is...

PT-2023-24886 · Cometbft · Cometbft

Name of the Vulnerable Software and Affected Versions: CometBFT versions 0.34.28 through 0.34.28 CometBFT versions 0.37.1 through 0.37.1 Description: An internal modification to the way struct PeerState is serialized to JSON introduced a deadlock when the new function MarshallJSON is called. This...