Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2025/02/05 11:18 a.m.9 views

CVE-2024-34360

go-spacemesh is a Go implementation of the Spacemesh protocol full node. Nodes can publish activations transactions ATXs which reference the incorrect previous ATX of the Smesher that created the ATX. ATXs are expected to form a single chain from the newest to the first ATX ever published by an...

8.2CVSS6.5AI score0.00094EPSS
Exploits0References1
NVD
NVDadded 2024/05/14 3:38 p.m.19 views

CVE-2024-34360

go-spacemesh is a Go implementation of the Spacemesh protocol full node. Nodes can publish activations transactions ATXs which reference the incorrect previous ATX of the Smesher that created the ATX. ATXs are expected to form a single chain from the newest to the first ATX ever published by an...

8.2CVSS8AI score0.00094EPSS
Exploits0References3
CNNVD
CNNVDadded 2024/05/14 12:0 a.m.2 views

go-spacemesh 代码问题漏洞

go-spacemesh is a node-wide implementation of the Go Spacemesh protocol open-sourced by Spacemesh. A code issue vulnerability exists in go-spacemesh versions prior to 1.37.1, which stems from failing to check a previous ATX as the latest valid ATX when validating incoming ATX...

8.2CVSS8AI score0.00094EPSS
Exploits0References5
Cvelist
Cvelistadded 2024/05/10 3:50 p.m.25 views

CVE-2024-34360 Previous ATX is not checked to be the newest valid ATX by Smesher when validating incoming ATX

go-spacemesh is a Go implementation of the Spacemesh protocol full node. Nodes can publish activations transactions ATXs which reference the incorrect previous ATX of the Smesher that created the ATX. ATXs are expected to form a single chain from the newest to the first ATX ever published by an...

8.2CVSS8.2AI score0.00094EPSS
Exploits0References3
CVE
CVEadded 2024/05/10 3:50 p.m.112 views

CVE-2024-34360

CVE-2024-34360 affects go-spacemesh (Spacemesh full-node implementation). The issue is that ATXs can reference an incorrect previous ATX instead of the latest, breaking the protocol’s single-chain requirement from newest to oldest ATX by an identity. This can enable an attack vector where nodes m...

8.2CVSS7.9AI score0.00094EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2024/05/10 3:33 p.m.49 views

Previous ATX is not checked to be the newest valid ATX by Smesher when validating incoming ATX

Impact Nodes can publish ATXs which reference the incorrect previous ATX of the Smesher that created the ATX. ATXs are expected to form a single chain from the newest to the first ATX ever published by an identity. Allowing Smeshers to reference an earlier but not the latest ATX as previous break...

8.2CVSS7AI score0.00094EPSS
Exploits0References7Affected Software2
Positive Technologies
Positive Technologiesadded 2024/05/10 12:0 a.m.3 views

PT-2024-25818 · Unknown · Spacemesh Api +1

Name of the Vulnerable Software and Affected Versions: go-spacemesh versions prior to 1.5.2-hotfix1 Spacemesh API versions prior to 1.37.1 Description: The issue allows nodes to publish activations transactions ATXs that reference an incorrect previous ATX of the Smesher that created the ATX. Thi...

8.2CVSS6.8AI score0.00094EPSS
Exploits0References10
Rows per page
Query Builder