2 matches found
CVE-2022-24738
Evmos is the Ethereum Virtual Machine EVM Hub on the Cosmos Network. In versions of evmos prior to 2.0.1 attackers are able to drain unclaimed funds from user addresses. To do this an attacker must create a new chain which does not enforce signature verification and connects it to the target evmo...
CVE-2022-24738
Evmos prior to v2.0.1 is vulnerable to draining unclaimed funds by an attacker who creates a malicious chain that does not enforce signature verification and connects it to a target Evmos instance via IBC, enabling migration of claim records and fund transfer. The issue stems from a vulnerability...