14 matches found
CVE-2023-33964
mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...
mx-chain-go does not treat invalid transaction with wrong username correctly
Impact Metachain cannot process a cross-shard miniblock. An invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor. This is strictly a processing issue that could have happened on MultiversX chain. If an error like this had occurre...
GHSA-7XPV-4PM9-XCH2 mx-chain-go does not treat invalid transaction with wrong username correctly
Impact Metachain cannot process a cross-shard miniblock. An invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor. This is strictly a processing issue that could have happened on MultiversX chain. If an error like this had occurre...
CVE-2023-33964
mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...
Cross site scripting
mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...
CVE-2023-33964 mx-chain-go does not treat invalid transaction with wrong username correctly
mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...
CVE-2023-33964
mx-chain-go corresponds to MultiversX chain code. Before version 1.4.16, an invalid cross-shard miniblock caused by a wrong username on metachain was not handled correctly, potentially stopping notarization of shard blocks. The patch introduced processIfTxErrorCrossShard in the metachain transact...
CVE-2023-33964 mx-chain-go does not treat invalid transaction with wrong username correctly
mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...
mx-chain-go 安全漏洞
mx-chain-go is a go implementation of the MultiversX protocol open sourced by MultiversX. A security vulnerability exists in mx-chain-go versions prior to 1.4.16, which arises from an invalid transaction caused by using the wrong username that is not properly processed by the Metachain transactio...
PT-2023-24605 · Multiversx · Mx-Chain-Go
Name of the Vulnerable Software and Affected Versions: mx-chain-go versions prior to 1.4.16 Description: The metachain cannot process a cross-shard miniblock. An invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor, which is a...
CVE-2022-46173
Elrond-GO is a go implementation for the Elrond Network protocol. Versions prior to 1.3.50 are subject to a processing issue where nodes are affected when trying to process a cross-shard relayed transaction with a smart contract deploy transaction data. The problem was a bad correlation between t...
Code injection
Elrond-GO is a go implementation for the Elrond Network protocol. Versions prior to 1.3.50 are subject to a processing issue where nodes are affected when trying to process a cross-shard relayed transaction with a smart contract deploy transaction data. The problem was a bad correlation between t...
CVE-2022-46173 Elrond go Processing: fallback search of SCRs when not found in the main cache
Elrond-GO is a go implementation for the Elrond Network protocol. Versions prior to 1.3.50 are subject to a processing issue where nodes are affected when trying to process a cross-shard relayed transaction with a smart contract deploy transaction data. The problem was a bad correlation between t...
PT-2022-27787 · Elrond-Go · Elrond-Go
Name of the Vulnerable Software and Affected Versions: Elrond-GO versions prior to 1.3.50 Description: The issue is a processing problem where nodes are affected when trying to process a cross-shard relayed transaction with a smart contract deploy transaction data. This occurs due to a bad...