60 matches found
EUVD-2021-12717
Malware in sbrugna...
EUVD-2021-12718
Malware in sbrugna...
EUVD-2022-1247
Malicious code in bioql PyPI...
EUVD-2022-0930
Malicious code in bioql PyPI...
EUVD-2022-6548
Malicious code in bioql PyPI...
CVE-2021-25837
Cosmos Network Ethermint = v0.4.0 is affected by cache lifecycle inconsistency in the EVM module. Due to the inconsistency between the Storage caching cycle and the Tx processing cycle, Storage changes caused by a failed transaction are improperly reserved in memory. Although the bad storage cach...
CVE-2021-25836
Cosmos Network Ethermint = v0.4.0 is affected by cache lifecycle inconsistency in the EVM module. The bytecode set in a FAILED transaction wrongfully remains in memorystateObject.code and is further written to persistent store at the Endblock stage, which may be utilized to build honeypot contrac...
CVE-2021-25835
Cosmos Network Ethermint = v0.4.0 is affected by a cross-chain transaction replay vulnerability in the EVM module. Since ethermint uses the same chainIDEpoch and signature schemes with ethereum for compatibility, a verified signature in ethereum is still valid in ethermint with the same msg conte...
CVE-2021-25834
Cosmos Network Ethermint = v0.4.0 is affected by a transaction replay vulnerability in the EVM module. If the victim sends a very large nonce transaction, the attacker can replay the transaction through the application...
CVE-2022-35936
Ethermint is an Ethereum library. In Ethermint running versions before v0.17.2, the contract selfdestruct invocation permanently removes the corresponding bytecode from the internal database storage. However, due to a bug in the DeleteAccountfunction, all contracts that used the identical bytecod...
Transaction Replay Attack
github.com/cosmos/ethermint is vulnerable to Transaction Replay Attack. The vulnerability is due to a flaw in the EVM module where, if the victim sends a very large nonce transaction, the attacker can replay the transaction through the application...
GO-2022-0889 Authentication bypass by capture-replay in github.com/cosmos/ethermint
Authentication bypass by capture-replay in github.com/cosmos/ethermint...
GO-2022-0813 Authentication bypass by capture-replay in github.com/cosmos/ethermint
Authentication bypass by capture-replay in github.com/cosmos/ethermint...
GO-2022-0760 Ethermint vulnerable to DoS through unintended Contract Selfdestruct in github.com/crypto-org-chain/cronos
Ethermint vulnerable to DoS through unintended Contract Selfdestruct in github.com/crypto-org-chain/cronos...
Ethermint vulnerable to DoS through unintended Contract Selfdestruct
Vulnerability Report Impact Smart contract applications that make use of the selfdestruct functionality and their end-users. Classification The vulnerability has been classified as high with a CVSS score of 8.2. It has the potential to create a denial-of-service to all contracts that can invoke t...
GHSA-F92V-GRC2-W2FG Ethermint vulnerable to DoS through unintended Contract Selfdestruct
Vulnerability Report Impact Smart contract applications that make use of the selfdestruct functionality and their end-users. Classification The vulnerability has been classified as high with a CVSS score of 8.2. It has the potential to create a denial-of-service to all contracts that can invoke t...
Exposure of Resource to Wrong Sphere
Ethermint is an Ethereum library. In Ethermint running versions before v0.17.2, the contract selfdestruct invocation permanently removes the corresponding bytecode from the internal database storage. However, due to a bug in the DeleteAccountfunction, all contracts that used the identical bytecod...
Cronos vulnerable to DoS through unintended Contract Selfdestruct
In Cronos nodes running versions before v0.7.0, the contract selfdestruct invocation permanently removes the corresponding bytecode from the internal database storage. However, due to a bug in Ethermint, all contracts that used the identical bytecode i.e shared the same CodeHash will also stop...
GHSA-GWJ5-WP6R-5Q9F Cronos vulnerable to DoS through unintended Contract Selfdestruct
In Cronos nodes running versions before v0.7.0, the contract selfdestruct invocation permanently removes the corresponding bytecode from the internal database storage. However, due to a bug in Ethermint, all contracts that used the identical bytecode i.e shared the same CodeHash will also stop...
CVE-2022-35936
Ethermint is an Ethereum library. In Ethermint running versions before v0.17.2, the contract selfdestruct invocation permanently removes the corresponding bytecode from the internal database storage. However, due to a bug in the DeleteAccountfunction, all contracts that used the identical bytecod...