Lucene search
K

6 matches found

Cvelist
Cvelist
added 2022/12/28 6:27 a.m.25 views

CVE-2022-46173 Elrond go Processing: fallback search of SCRs when not found in the main cache

Elrond-GO is a go implementation for the Elrond Network protocol. Versions prior to 1.3.50 are subject to a processing issue where nodes are affected when trying to process a cross-shard relayed transaction with a smart contract deploy transaction data. The problem was a bad correlation between t...

7.2CVSS7.2AI score0.00724EPSS
Exploits0References3
NVD
NVD
added 2022/09/06 9:15 p.m.31 views

CVE-2022-36061

Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.35, read only calls between contracts can generate smart contracts results. For example, if contract A calls in read only mode contract B and the called function will make changes upon the contract's B...

9.8CVSS0.00957EPSS
Exploits1References3
OSV
OSV
added 2022/09/06 8:35 p.m.25 views

CVE-2022-36061 Elrond go can execute on same context checks in VM

Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.35, read only calls between contracts can generate smart contracts results. For example, if contract A calls in read only mode contract B and the called function will make changes upon the contract's B...

6.5CVSS8.9AI score0.00957EPSS
Exploits1References5
NVD
NVD
added 2022/09/06 8:15 p.m.15 views

CVE-2022-36058

Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.34, anyone who uses elrond-go to process blocks historical or actual could encounter a MultiESDTNFTTransfer transaction like this: MultiESDTNFTTransfer with a missing function name. Basic functionality li...

7.5CVSS0.00952EPSS
Exploits1References3
CVE
CVE
added 2022/09/06 8:10 p.m.74 views

CVE-2022-36058

Elrond-go (github.com/ElrondNetwork/elrond-go) prior to version 1.3.34 is affected by CVE-2022-36058 due to a MultiESDTNFTTransfer call with a missing function name in SC addresses. The issue is confirmed in multiple sources (Red Hat, NVD, OSV, GHSA) and is triggered when processing certain Multi...

7.5CVSS7.4AI score0.00952EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/09/06 12:0 a.m.25 views

Improper Input Validation

Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.34, anyone who uses elrond-go to process blocks historical or actual could encounter a MultiESDTNFTTransfer transaction like this: MultiESDTNFTTransfer with a missing function name. Basic functionality li...

7.5CVSS3.5AI score0.00952EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder