EUVD-2022-7141

Malicious code in bioql PyPI...

CVE-2021-21271

Tendermint Core is an open source Byzantine Fault Tolerant BFT middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines. Tendermint Core v0.34.0 introduced a new way of handling evidence of misbehavior. As part of this, w...

GHSA-P658-8693-MHVG Tendermint Core vulnerable to Uncontrolled Resource Consumption

Description Tendermint Core v0.34.0 introduced a new way of handling evidence of misbehavior. As part of this, we added a new Timestamp field to Evidence structs. This timestamp would be calculated using the same algorithm that is used when a block is created and proposed. This algorithm relies o...

CVE-2021-21271

Tendermint Core is an open source Byzantine Fault Tolerant BFT middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines. Tendermint Core v0.34.0 introduced a new way of handling evidence of misbehavior. As part of this, w...

CVE-2021-21271

Tendermint Core is an open source Byzantine Fault Tolerant BFT middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines. Tendermint Core v0.34.0 introduced a new way of handling evidence of misbehavior. As part of this, w...

Design/Logic Flaw

Tendermint Core is an open source Byzantine Fault Tolerant BFT middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines. Tendermint Core v0.34.0 introduced a new way of handling evidence of misbehavior. As part of this, w...

CVE-2021-21271

Tendermint Core CVE-2021-21271 describes a DoS due to timestamp miscalculation of DuplicateVoteEvidence during consensus. In v0.34.0–v0.34.2, the consensus reactor formed DuplicateVoteEvidence using last-commit timestamps, which could differ across nodes for the same height since a block hadn’t f...