4 matches found
Denial Of Service (DOS)
ethabi is vulnerable to Denial Of Service DOS. The vulnerability is caused by the Ethereum ABI specification allowing zero-sized-types ZST, which can lead to Denial Of Service upon parsing a malicious payload and schema. If a ZST takes zero bytes when stored on disk, but after parsing occupies...
GHSA-RQR8-PXH7-CQ3G Ethereum ABI decoder DoS when parsing ZST
With this notification I would like to inform about a DoS vector in the Ethereum ABI decoder. We have not yet found a way to exploit this with high impact, still the bug could potentially lead to a DoS in server systems. Feel free to ask about an extension of the embargo period. Trail of Bits is...
Malicious code in ethereum-abi (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cf7779b92215c3edf5de2e2c80a218d9a1c9c1e340b6fc39daefb6d39f6397b4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2863 Malicious code in ethereum-abi (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cf7779b92215c3edf5de2e2c80a218d9a1c9c1e340b6fc39daefb6d39f6397b4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...