8 matches found
CVE-2024-32873
Evmos is the Ethereum Virtual Machine EVM Hub on the Cosmos Network. The spendable balance is not updated properly when delegating vested tokens. The issue allows a clawback vesting account to anticipate the release of unvested tokens. This vulnerability is fixed in 18.0.0...
Incorrect Calculation
github.com/evmos/evmos is vulnerable to Incorrect Calculation. The vulnerability is due to a failure to update the spendable balance correctly when delegating vested tokens, allowing attackers with clawback vesting accounts to manipulate the system to treat unvested tokens as though they were...
GHSA-PXV8-QHRH-JC7V evmos allows transferring unvested tokens after delegations
Impact This advisory has been created to address the following vulnerabilities found in the Evmos codebase and affecting vesting accounts. Wrong spendable balance computation The spendable balance is not updated properly when delegating vested tokens. The following example help in describing the...
evmos allows transferring unvested tokens after delegations
Impact This advisory has been created to address the following vulnerabilities found in the Evmos codebase and affecting vesting accounts. Wrong spendable balance computation The spendable balance is not updated properly when delegating vested tokens. The following example help in describing the...
CVE-2024-32873
CVE-2024-32873 affects Evmos (EVM Hub on Cosmos). The issue: spendable balance is not updated during delegation from clawback vesting accounts, enabling anticipation of unvested tokens release. Root cause involves vesting/delegation logic and vesting/account handling; multiple connected reports d...
CVE-2024-32873 evmos allows transferring unvested tokens after delegations
Evmos is the Ethereum Virtual Machine EVM Hub on the Cosmos Network. The spendable balance is not updated properly when delegating vested tokens. The issue allows a clawback vesting account to anticipate the release of unvested tokens. This vulnerability is fixed in 18.0.0...
CVE-2024-32873 evmos allows transferring unvested tokens after delegations
Evmos is the Ethereum Virtual Machine EVM Hub on the Cosmos Network. The spendable balance is not updated properly when delegating vested tokens. The issue allows a clawback vesting account to anticipate the release of unvested tokens. This vulnerability is fixed in 18.0.0...
PT-2024-24929 · Evmos · Evmos
Name of the Vulnerable Software and Affected Versions: Evmos versions prior to 18.0.0 Description: The issue is related to the spendable balance not being updated properly when delegating vested tokens, allowing a clawback vesting account to anticipate the release of unvested tokens. This problem...