6 matches found
CVE-2021-41138
Frontier is Substrate's Ethereum compatibility layer. In the newly introduced signed Frontier-specific extrinsic for pallet-ethereum, a large part of transaction validation logic was only called in transaction pool validation, but not in block execution. Malicious validators can take advantage of...
EUVD-2021-2260
Malware in sbrugna...
GHSA-6JRF-4JV4-R9MW tendermint-rs's Light Client Verifier allows malicious validators to spoof votes from other validators
Name: ISA-2025-003: Malicious validator can spoof votes from other validators Component: tendermint-rs Criticality: High Catastrophic Impact; Rare Likelihood per ACMv1.2 Affected versions: = v0.40.2 Affected users: Everyone Description tendermint-rs contains a critical vulnerability in its light...
GHSA-VJ62-G63V-F8MF Validity check missing in Frontier
Impact In the newly introduced signed Frontier-specific extrinsic for pallet-ethereum, a large part of transaction validation logic was only called in transaction pool validation, but not in block execution. Malicious validators can take advantage of this to put invalid transactions into a block...
CVE-2021-41138
CVE-2021-41138 concerns Frontier, Substrate’s Ethereum compatibility layer. A signed Frontier-specific extrinsic for pallet-ethereum caused many validation checks to run only during transaction pool validation, not during block execution, allowing malicious validators to include invalid transacti...
CVE-2021-41138 Validity check for signed Frontier-specific extrinsic not called in block execution
Frontier is Substrate's Ethereum compatibility layer. In the newly introduced signed Frontier-specific extrinsic for pallet-ethereum, a large part of transaction validation logic was only called in transaction pool validation, but not in block execution. Malicious validators can take advantage of...