CVE-2020-26264
Go Ethereum (Geth) before v1.9.25 is vulnerable to a denial-of-service affecting the LES server via a malicious GetProofsV2 request from a connected LES client. The issue only concerns users who explicitly enable the LES server; disabling LES prevents exploitation. The vulnerability was fixed in ...