3 matches found
GO-2024-2638 ValidateVoteExtensions function in Cosmos SDK may allow incorrect voting power assumptions in github.com/cosmos/cosmos-sdk
The default ValidateVoteExtensions helper function infers total voting power based on the injected VoteExtension, which are injected by the proposer. If your chain utilizes the ValidateVoteExtensions helper in ProcessProposal, a dishonest proposer can potentially mutate voting power of each...
ASA-2024-006: ValidateVoteExtensions helper function in Cosmos SDK may allow incorrect voting power assumptions
ASA-2024-006: ValidateVoteExtensions helper function may allow incorrect voting power assumptions Component: Cosmos SDK Criticality: High Affected Versions: Cosmos SDK versions = 0.50.4, on 0.50 branches Affected Users: Chain developers, Validator and Node operators Impact: Elevation of Privilege...
GHSA-95RX-M9M5-M94V ASA-2024-006: ValidateVoteExtensions helper function in Cosmos SDK may allow incorrect voting power assumptions
ASA-2024-006: ValidateVoteExtensions helper function may allow incorrect voting power assumptions Component: Cosmos SDK Criticality: High Affected Versions: Cosmos SDK versions = 0.50.4, on 0.50 branches Affected Users: Chain developers, Validator and Node operators Impact: Elevation of Privilege...