26 matches found
EUVD-2021-12718
Malware in sbrugna...
EUVD-2021-12717
Malware in sbrugna...
EUVD-2022-1247
Malicious code in bioql PyPI...
EUVD-2022-0930
Malicious code in bioql PyPI...
CVE-2021-25836
Cosmos Network Ethermint = v0.4.0 is affected by cache lifecycle inconsistency in the EVM module. The bytecode set in a FAILED transaction wrongfully remains in memorystateObject.code and is further written to persistent store at the Endblock stage, which may be utilized to build honeypot contrac...
CVE-2021-25834
Cosmos Network Ethermint = v0.4.0 is affected by a transaction replay vulnerability in the EVM module. If the victim sends a very large nonce transaction, the attacker can replay the transaction through the application...
Transaction Replay Attack
github.com/cosmos/ethermint is vulnerable to Transaction Replay Attack. The vulnerability is due to a flaw in the EVM module where, if the victim sends a very large nonce transaction, the attacker can replay the transaction through the application...
GHSA-93P5-8FQW-WJX3 Authentication bypass by capture-replay in github.com/cosmos/ethermint
Cosmos Network Ethermint = v0.4.0 is affected by a transaction replay vulnerability in the EVM module. If the victim sends a very large nonce transaction, the attacker can replay the transaction through the application. Specific Go Packages Affected github.com/cosmos/ethermint/rpc/namespaces/eth...
CVE-2021-25837
Cosmos Network Ethermint = v0.4.0 is affected by cache lifecycle inconsistency in the EVM module. Due to the inconsistency between the Storage caching cycle and the Tx processing cycle, Storage changes caused by a failed transaction are improperly reserved in memory. Although the bad storage cach...
CVE-2021-25836
Cosmos Network Ethermint = v0.4.0 is affected by cache lifecycle inconsistency in the EVM module. The bytecode set in a FAILED transaction wrongfully remains in memorystateObject.code and is further written to persistent store at the Endblock stage, which may be utilized to build honeypot contrac...
CVE-2021-25835
Cosmos Network Ethermint = v0.4.0 is affected by a cross-chain transaction replay vulnerability in the EVM module. Since ethermint uses the same chainIDEpoch and signature schemes with ethereum for compatibility, a verified signature in ethereum is still valid in ethermint with the same msg conte...
CVE-2021-25836
Cosmos Network Ethermint = v0.4.0 is affected by cache lifecycle inconsistency in the EVM module. The bytecode set in a FAILED transaction wrongfully remains in memorystateObject.code and is further written to persistent store at the Endblock stage, which may be utilized to build honeypot contrac...
CVE-2021-25837
Cosmos Network Ethermint = v0.4.0 is affected by cache lifecycle inconsistency in the EVM module. Due to the inconsistency between the Storage caching cycle and the Tx processing cycle, Storage changes caused by a failed transaction are improperly reserved in memory. Although the bad storage cach...
CVE-2021-25834
Cosmos Network Ethermint = v0.4.0 is affected by a transaction replay vulnerability in the EVM module. If the victim sends a very large nonce transaction, the attacker can replay the transaction through the application...
Code injection
Cosmos Network Ethermint = v0.4.0 is affected by cache lifecycle inconsistency in the EVM module. The bytecode set in a FAILED transaction wrongfully remains in memorystateObject.code and is further written to persistent store at the Endblock stage, which may be utilized to build honeypot contrac...
Design/Logic Flaw
Cosmos Network Ethermint = v0.4.0 is affected by a transaction replay vulnerability in the EVM module. If the victim sends a very large nonce transaction, the attacker can replay the transaction through the application...
Code injection
Cosmos Network Ethermint = v0.4.0 is affected by cache lifecycle inconsistency in the EVM module. Due to the inconsistency between the Storage caching cycle and the Tx processing cycle, Storage changes caused by a failed transaction are improperly reserved in memory. Although the bad storage cach...
Cross site scripting
Cosmos Network Ethermint = v0.4.0 is affected by a cross-chain transaction replay vulnerability in the EVM module. Since ethermint uses the same chainIDEpoch and signature schemes with ethereum for compatibility, a verified signature in ethereum is still valid in ethermint with the same msg conte...
CVE-2021-25835
CVE-2021-25835 : Cosmos Network Ethermint
CVE-2021-25835
Cosmos Network Ethermint = v0.4.0 is affected by a cross-chain transaction replay vulnerability in the EVM module. Since ethermint uses the same chainIDEpoch and signature schemes with ethereum for compatibility, a verified signature in ethereum is still valid in ethermint with the same msg conte...