GO-2023-1806 mx-chain-go does not treat invalid transaction with wrong username correctly in github.com/multiversx/mx-chain-go

mx-chain-go does not treat invalid transaction with wrong username correctly in github.com/multiversx/mx-chain-go...

CVE-2023-34458

CVE-2023-34458 affects mx-chain-go, the official MultiversX blockchain implementation. When executing a relayed transaction, if the inner transaction failed, the inner sender nonce could be incremented, creating a potential limited DoS condition on a targeted account. The issue is resolved by a b...

PT-2023-24890 · Multiversx · Mx-Chain-Go

Name of the Vulnerable Software and Affected Versions: mx-chain-go versions prior to 1.4.17 Description: The issue occurs when executing a relayed transaction in mx-chain-go, the official implementation of the MultiversX blockchain protocol. If the inner transaction fails, it increases the inner...

GHSA-7XPV-4PM9-XCH2 mx-chain-go does not treat invalid transaction with wrong username correctly

Impact Metachain cannot process a cross-shard miniblock. An invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor. This is strictly a processing issue that could have happened on MultiversX chain. If an error like this had occurre...

Cross site scripting

mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...

CVE-2023-33964 mx-chain-go does not treat invalid transaction with wrong username correctly

mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...

CVE-2023-33964

mx-chain-go corresponds to MultiversX chain code. Before version 1.4.16, an invalid cross-shard miniblock caused by a wrong username on metachain was not handled correctly, potentially stopping notarization of shard blocks. The patch introduced processIfTxErrorCrossShard in the metachain transact...

CVE-2023-33964 mx-chain-go does not treat invalid transaction with wrong username correctly

mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...

CVE-2023-33964 mx-chain-go does not treat invalid transaction with wrong username correctly

mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...

mx-chain-go 安全漏洞

mx-chain-go is a go implementation of the MultiversX protocol open sourced by MultiversX. A security vulnerability exists in mx-chain-go versions prior to 1.4.16, which arises from an invalid transaction caused by using the wrong username that is not properly processed by the Metachain transactio...

PT-2023-24605 · Multiversx · Mx-Chain-Go

Name of the Vulnerable Software and Affected Versions: mx-chain-go versions prior to 1.4.16 Description: The metachain cannot process a cross-shard miniblock. An invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor, which is a...