Lucene search
+L

7 matches found

gitlab
gitlab
added 2025/02/04 12:0 a.m.8 views

wasmvm: Malicious smart contract can slow down block production

CWA-2025-002 Severity Medium Moderate + Likely^1 Affected versions: - wasmvm = 2.2.0, = 2.1.0, = 2.0.0, 2.0.6 - wasmvm 1.5.8 Patched versions: - wasmvm 1.5.8, 2.0.6, 2.1.5, 2.2.2 Description of the bug The vulnerability can be used to slow down block production. The attack requires a malicious...

7AI score
Exploits0References9Affected Software1
github
github
added 2024/12/10 4:55 p.m.15 views

CosmWasm VM Incorrect metering

CWA-2024-007 Severity Medium Moderate + Likely^1 Affected versions: - wasmvm = 2.1.0, = 2.0.0, = 2.1.0, = 2.0.0, query wasm libwasmvm-version. It must show 1.5...

7AI score
Exploits0References6Affected Software3
gitlab
gitlab
added 2024/12/10 12:0 a.m.18 views

CosmWasm VM Incorrect metering

CWA-2024-007 Severity Medium Moderate + Likely^1 Affected versions: - wasmvm = 2.1.0, = 2.0.0, = 2.1.0, = 2.0.0, query wasm libwasmvm-version. It must show 1.5...

7AI score
Exploits0References7Affected Software1
osv
osv
added 2024/02/28 6:6 p.m.6 views

GHSA-555P-M4V6-CQXV ASA-2024-004: Default configuration param for Evidence may limit window of validity

ASA-2024-004: Default configuration param for Evidence may limit window of validity Component: CometBFT Criticality: Low Affected versions: All Affected users: Validators, Chain Builders + Maintainers Summary A default configuration in CometBFT has been found to be small for common use cases, and...

6.6AI score
Exploits0References2
github
github
added 2024/02/28 6:6 p.m.19 views

ASA-2024-004: Default configuration param for Evidence may limit window of validity

ASA-2024-004: Default configuration param for Evidence may limit window of validity Component: CometBFT Criticality: Low Affected versions: All Affected users: Validators, Chain Builders + Maintainers Summary A default configuration in CometBFT has been found to be small for common use cases, and...

6.6AI score
Exploits0References2Affected Software1
github
github
added 2024/02/21 12:13 a.m.17 views

ASA-2024-002: Default `PrepareProposalHandler` may produce invalid proposals when used with default `SenderNonceMempool`

ASA-2024-002: Default PrepareProposalHandler may produce invalid proposals when used with default SenderNonceMempool Component: Cosmos SDK Criticality: Medium Affected Versions: Cosmos SDK versions = 0.50.3; = 0.47.8 Affected Users: Chain developers, Validator and Node operators Impact: Denial of...

6.6AI score
Exploits0References6Affected Software1
github
github
added 2023/09/06 8:49 p.m.16 views

Cosmos-SDK Cosmovisor component may be vulnerable to denial of service

Component: Cosmovisor Criticality: Medium Affected Versions: Cosmovisor v1.0.0 distributed with Cosmos-SDK 0.46 Affected Users: Validators and Node operators utilizing unsupported versions of Cosmovisor Impact: DOS, potential RCE on node depending on configuration An issue has been identified on...

7.2AI score
Exploits0References4Affected Software1
Rows per page
Query Builder