22 matches found
EUVD-2023-2085
Malicious code in bioql PyPI...
EUVD-2023-1740
Malicious code in bioql PyPI...
Combating Reentrancy Bugs on Sharded Blockchains
Reentrancy is a well-known source of smart contract bugs on Ethereum, leading e.g. to double-spending vulnerabilities in DeFi applications. But less is known about this problem in other blockchains, which can have significantly different execution models. Sharded blockchains in particular general...
CVE-2023-33964
mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...
GO-2023-1912 mx-chain-go's relayed transactions always increment nonce in github.com/multiversx/mx-chain-go
mx-chain-go's relayed transactions always increment nonce in github.com/multiversx/mx-chain-go...
GO-2023-1806 mx-chain-go does not treat invalid transaction with wrong username correctly in github.com/multiversx/mx-chain-go
mx-chain-go does not treat invalid transaction with wrong username correctly in github.com/multiversx/mx-chain-go...
Malicious code in multiversx-wallet (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f98fdf8c728eafb929b2387abb537352eb1145b216abe16621bc44a851c23875 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-34458
mx-chain-go is the official implementation of the MultiversX blockchain protocol, written in golang. When executing a relayed transaction, if the inner transaction failed, it would have increased the inner transaction's sender account nonce. This could have contributed to a limited DoS attack on ...
Design/Logic Flaw
mx-chain-go is the official implementation of the MultiversX blockchain protocol, written in golang. When executing a relayed transaction, if the inner transaction failed, it would have increased the inner transaction's sender account nonce. This could have contributed to a limited DoS attack on ...
CVE-2023-34458 mx-chain-go's relayed transactions always increment nonce
mx-chain-go is the official implementation of the MultiversX blockchain protocol, written in golang. When executing a relayed transaction, if the inner transaction failed, it would have increased the inner transaction's sender account nonce. This could have contributed to a limited DoS attack on ...
CVE-2023-34458 mx-chain-go's relayed transactions always increment nonce
mx-chain-go is the official implementation of the MultiversX blockchain protocol, written in golang. When executing a relayed transaction, if the inner transaction failed, it would have increased the inner transaction's sender account nonce. This could have contributed to a limited DoS attack on ...
CVE-2023-34458 mx-chain-go's relayed transactions always increment nonce
mx-chain-go is the official implementation of the MultiversX blockchain protocol, written in golang. When executing a relayed transaction, if the inner transaction failed, it would have increased the inner transaction's sender account nonce. This could have contributed to a limited DoS attack on ...
CVE-2023-34458
CVE-2023-34458 affects mx-chain-go, the official MultiversX blockchain implementation. When executing a relayed transaction, if the inner transaction failed, the inner sender nonce could be incremented, creating a potential limited DoS condition on a targeted account. The issue is resolved by a b...
PT-2023-24890 · Multiversx · Mx-Chain-Go
Name of the Vulnerable Software and Affected Versions: mx-chain-go versions prior to 1.4.17 Description: The issue occurs when executing a relayed transaction in mx-chain-go, the official implementation of the MultiversX blockchain protocol. If the inner transaction fails, it increases the inner...
mx-chain-go does not treat invalid transaction with wrong username correctly
Impact Metachain cannot process a cross-shard miniblock. An invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor. This is strictly a processing issue that could have happened on MultiversX chain. If an error like this had occurre...
GHSA-7XPV-4PM9-XCH2 mx-chain-go does not treat invalid transaction with wrong username correctly
Impact Metachain cannot process a cross-shard miniblock. An invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor. This is strictly a processing issue that could have happened on MultiversX chain. If an error like this had occurre...
Cross site scripting
mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...
CVE-2023-33964 mx-chain-go does not treat invalid transaction with wrong username correctly
mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...
CVE-2023-33964
mx-chain-go corresponds to MultiversX chain code. Before version 1.4.16, an invalid cross-shard miniblock caused by a wrong username on metachain was not handled correctly, potentially stopping notarization of shard blocks. The patch introduced processIfTxErrorCrossShard in the metachain transact...
CVE-2023-33964 mx-chain-go does not treat invalid transaction with wrong username correctly
mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...