Lucene search

228 matches found

Github Security Blog
added 2023/09/06 8:49 p.m., 14 views

Cosmos-SDK Cosmovisor component may be vulnerable to denial of service

Component: Cosmovisor. Criticality: Medium. Affected versions: Cosmovisor v1.0.0 distributed with Cosmos-SDK 0.46. Affected users: validators and node operators utilizing unsupported versions of Cosmovisor. Impact: DoS, potential RCE on the node depending on configuration. An issue has been identified on...

AI score 7.2
Exploits 0, References 4, Affected software 1

Code423n4
added 2023/09/06 12:00 a.m., 9 views

Malicious users can manipulate the withdrawRound to withdraw their stake before the unbonding period is over.

Lines of code. Vulnerability details. Impact: disruption of the normal bonding incentives and mechanisms in the protocol. Validators or transcoders could withdraw unexpectedly, preventing governance responses to bonded token changes. Proof of concept: the withdrawStake function first checks if the...

AI score 6.7
Exploits 0

OSV
added 2023/07/03 1:15 p.m., 1 view

PYSEC-2023-100

In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS regular expression denial of service attack via a very large number of domain name labels of emails and URLs...

CVSS 7.5, AI score 5.9, EPSS 0.08919
Exploits 0, References 3
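
The class of bug in the PYSEC-2023-100 entry above, as an added illustration (example code written for this page, not Django's validator): a domain regex in which the separator between labels is optional can tokenise a run of valid characters in exponentially many ways, so a long run followed by one invalid character makes the engine backtrack through every split. The hardened check bounds the whole value and each label before any regex runs, and uses a pattern with a single possible tokenisation. The two patterns, the 253/63 limits (taken from RFC 1035) and the timing harness are this example's own choices.

```python
import re
import time

# Constructed example (not Django's validator): the dot between labels is
# optional, so a run of letters can be split into labels in exponentially many
# ways. On a near-miss input the engine tries every split before giving up.
AMBIGUOUS_DOMAIN = re.compile(r"(?:[a-z0-9]+\.?)+")

# Hardened pattern: every label must be terminated by a literal dot and the
# final label is matched separately, so there is exactly one way to tokenise
# the input and matching is linear in its length.
STRICT_DOMAIN = re.compile(r"(?:[a-z0-9-]{1,63}\.)+[a-z]{2,63}")

MAX_DOMAIN_LEN = 253  # RFC 1035 upper bound on a full domain name (assumed limit here)
MAX_LABEL_LEN = 63    # RFC 1035 upper bound on one label


def is_domain_ambiguous(value: str) -> bool:
    """Regex-only check with the backtracking-prone pattern."""
    return AMBIGUOUS_DOMAIN.fullmatch(value.lower()) is not None


def is_domain_hardened(value: str) -> bool:
    """Length and label bounds are enforced before the regex runs, so the regex
    never sees an input large enough for its complexity to matter."""
    if not value or len(value) > MAX_DOMAIN_LEN:
        return False
    labels = value.split(".")
    if any(not 1 <= len(label) <= MAX_LABEL_LEN for label in labels):
        return False
    return STRICT_DOMAIN.fullmatch(value.lower()) is not None


def near_miss(n: int) -> str:
    """n valid label characters followed by one character no label may contain."""
    return "a" * n + "!"


def seconds_to_validate(check, value: str) -> float:
    """Wall-clock seconds one call to `check` spends on `value`."""
    start = time.perf_counter()
    check(value)
    return time.perf_counter() - start


if __name__ == "__main__":
    # Each extra character roughly doubles the ambiguous pattern's time while
    # the hardened check stays flat; n is kept small so the demo finishes fast.
    for n in (10, 12, 14, 16):
        value = near_miss(n)
        print(n,
              f"ambiguous {seconds_to_validate(is_domain_ambiguous, value):.4f}s",
              f"hardened {seconds_to_validate(is_domain_hardened, value):.6f}s")
```

Run it to watch the ambiguous pattern's time double with each added character while the hardened check does not move. The length and label bounds are the important lines: they cap the regex's work regardless of how the pattern is written, which is why bounding the input ahead of validation is the standard mitigation for this class of ReDoS.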

Vulnrichment
added 2023/06/23 8:25 p.m., 13 views

CVE-2023-35163 Vega's validators able to submit duplicate transactions

Vega is a decentralized trading platform that allows pseudo-anonymous trading of derivatives on a blockchain. Prior to version 0.71.6, a vulnerability exists that allows a malicious validator to trick the Vega network into re-processing past Ethereum events from Vega’s Ethereum bridge. For exampl...

CVSS 6, AI score 6, EPSS 0.00072
Exploits 1, References 3

Cvelist
added 2023/06/23 8:25 p.m., 9 views

CVE-2023-35163 Vega's validators able to submit duplicate transactions

Vega is a decentralized trading platform that allows pseudo-anonymous trading of derivatives on a blockchain. Prior to version 0.71.6, a vulnerability exists that allows a malicious validator to trick the Vega network into re-processing past Ethereum events from Vega’s Ethereum bridge. For exampl...

CVSS 6, AI score 6.2, EPSS 0.00072
Exploits 1, References 3

Github Security Blog
added 2023/06/20 4:36 p.m., 28 views

Vega's validators able to submit duplicate transactions

A vulnerability exists that allows a malicious validator to trick the Vega network into re-processing past Ethereum events from Vega’s Ethereum bridge. For example, a deposit to the collateral bridge for 100USDT that credits a party’s general account on Vega, can be re-processed 50 times resultin...

CVSS 6, AI score 6.8, EPSS 0.00072
Exploits 1, References 5, Affected software 1
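
The re-processing described in the Vega entries above, reduced to an added example (illustrative code written for this page, not Vega's; its one assumption is that an Ethereum log is uniquely identified by its transaction hash and log index): a ledger that credits every relayed deposit applies the same 100 USDT event as many times as a validator re-submits it, while one that records the identity of each applied log applies it exactly once, whichever validator relays the repeat.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class DepositEvent:
    """One deposit log as relayed from an Ethereum bridge. The identity fields
    (tx_hash, log_index) are this example's assumption about what makes a log
    unique; the rest is the payload the ledger acts on."""
    tx_hash: str
    log_index: int
    party: str
    asset: str
    amount: int


class NaiveLedger:
    """Credits every relayed event, so an old event re-submitted by a
    validator is credited again."""

    def __init__(self):
        self.balances = {}

    def credit(self, ev: DepositEvent) -> bool:
        key = (ev.party, ev.asset)
        self.balances[key] = self.balances.get(key, 0) + ev.amount
        return True

    def balance(self, party: str, asset: str) -> int:
        return self.balances.get((party, asset), 0)


class ReplaySafeLedger(NaiveLedger):
    """Remembers which logs it has already applied and refuses any
    re-submission of them."""

    def __init__(self):
        super().__init__()
        self.applied = set()

    def credit(self, ev: DepositEvent) -> bool:
        event_id = (ev.tx_hash, ev.log_index)
        if event_id in self.applied:
            return False  # already processed: reject the replay
        self.applied.add(event_id)
        return super().credit(ev)


def replay(ledger: NaiveLedger, ev: DepositEvent, times: int) -> int:
    """Submit the same event `times` times; returns how many were applied."""
    return sum(1 for _ in range(times) if ledger.credit(ev))


if __name__ == "__main__":
    # Constructed sample event: a 100 USDT deposit for one party.
    deposit = DepositEvent("0xabc", 7, "party-1", "USDT", 100)
    for ledger in (NaiveLedger(), ReplaySafeLedger()):
        applied = replay(ledger, deposit, 50)
        print(type(ledger).__name__, "applied", applied,
              "balance", ledger.balance("party-1", "USDT"))
```

In a real chain the set of applied identifiers has to live in consensus state rather than in one node's memory, since whether an event has been seen is the network's decision, and pruning that set needs a rule for the oldest block a relayed event may still come from.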

NVD
added 2023/06/20 8:15 a.m., 8 views

CVE-2023-26435

It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents. Attackers could discover restricted network topology and services as well as including local files with read permissions of the open-xchange system user. This was limite...

CVSS 5, AI score 4.9, EPSS 0.00177
Exploits 0, References 4

OSV
added 2023/06/20 8:15 a.m., 2 views

CVE-2023-26435

It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents. Attackers could discover restricted network topology and services as well as including local files with read permissions of the open-xchange system user. This was limite...

CVSS 5, AI score 5.8
Exploits 0, References 4

Prion
added 2023/06/20 8:15 a.m., 15 views

Open redirect

It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents. Attackers could discover restricted network topology and services as well as including local files with read permissions of the open-xchange system user. This was limite...

CVSS 4, AI score 4.9, EPSS 0.00177
Exploits 0, References 4, Affected software 1

Cvelist
added 2023/06/20 7:51 a.m., 15 views

CVE-2023-26435

It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents. Attackers could discover restricted network topology and services as well as including local files with read permissions of the open-xchange system user. This was limite...

CVSS 5, AI score 5.2, EPSS 0.00177
Exploits 0, References 4

CVE
added 2023/06/20 7:51 a.m., 43 views

CVE-2023-26435

Open-Xchange App Suite vulnerability (CVE-2023-26435) arises from a code issue related to processing ODT documents via a local LibreOffice instance. The root cause is insufficient validation of filesystem and network references, enabling an attacker to discover restricted network topology and ser...

CVSS 5, AI score 4.9, EPSS 0.00177
Exploits 0, References 4, Affected software 1

Code423n4
added 2023/06/09 12:00 a.m., 15 views

NodeOperator will steal other NodeOperators' validators through frontrunning

Lines of code. Vulnerability details. Impact: people who want to earn staking rewards but do not have the resources to run validators will see Stader as an avenue where they can easily steal and use others' validators, and they will actually earn operator rewards from Stader. This could lead to two...

AI score 6.7
Exploits 0

OSV
added 2023/06/02 5:11 p.m., 20 views

GHSA-QFC5-6R3J-JJ22 Go package github.com/cosmos/cosmos-sdk module x/crisis does NOT cause chain halt

x/crisis does NOT cause chain halt. Impact: if an invariant check fails on a Cosmos SDK network and a transaction is sent to the x/crisis module to halt the chain, the chain does not halt. All versions of the x/crisis module are affected on all versions of the Cosmos SDK. Details: the x/crisis module...

AI score 7
Exploits 0, References 4

vulnersOsv
added 2023/05/07 3:30 a.m., 2 views

bfactory (>=0.4.0 <=0.4.4), coop (>=5.2.0 <=5.2.2) +38 more potentially affected by CVE-2023-31047 via django (>=4.2.0 <=4.2.0rc1)

django (PyPI) version =4.2.0, =0.4.0, =5.2.0, =3.1.0, =7.2.2, =39.1.0, =9.3.0, =0.1.0a1, =1.0.0, =0.2.1, =0.2.2; django-handy-admin =0.0.0 and more. Source CVEs: CVE-2023-31047. Source advisory: OSV:GHSA-R3XC-PRGR-MG9P...

CVSS 9.8, AI score 6.8, EPSS 0.0016
Exploits 0

Veracode
added 2023/03/24 8:19 a.m., 9 views

Regular Expression Denial Of Service (ReDoS)

validators is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability exists because url.py uses a regex pattern with insufficient regular expression complexity, which allows an attacker to cause an application crash...

AI score 6.5
Exploits 0

SUSE CVE
added 2023/02/15 5:21 a.m., 1 view

SUSE CVE-2015-1555

Zend/Session/SessionManager in Zend Framework 2.2.x before 2.2.9, 2.3.x before 2.3.4 allows remote attackers to create valid sessions without using session validators...

CVSS 9.1, AI score 7, EPSS 0.00289
Exploits 0, References 4

SUSE CVE
added 2023/02/15 5:16 a.m., 1 view

SUSE CVE-2015-5144

Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character in an email message to the EmailValidator, a ...

CVSS 4.3, AI score 7.7, EPSS 0.01493
Exploits 0, References 6
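
Why the newline in CVE-2015-5144 above gets past an anchored regex, as an added example (not Django's code; the address grammar here is a constructed, deliberately loose one): in Python, `$` matches not only at the end of the string but also just before a trailing `\n`, so `user@example.com\n` satisfies a `^...$` pattern, while `\Z` matches only at the true end of the string, which is what the Django validators were changed to use. The toy renderer and parser show the consequence: a lone newline at the end of a header value terminates the header section, and every header written after it lands in the message body.

```python
import re

# Constructed, simplified address grammar (far looser than Django's real one);
# the anchoring is the point of the example, not the body of the pattern.
ADDRESS = r"[a-z0-9._%+-]+@[a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,}"

# "$" in Python also matches immediately before a trailing "\n", so a value
# that ends in a newline is accepted.
EMAIL_DOLLAR = re.compile(r"^" + ADDRESS + r"$", re.IGNORECASE)

# "\Z" matches only at the very end of the string; the trailing newline is
# rejected.
EMAIL_Z = re.compile(r"^" + ADDRESS + r"\Z", re.IGNORECASE)


def valid_dollar(value: str) -> bool:
    return EMAIL_DOLLAR.match(value) is not None


def valid_z(value: str) -> bool:
    return EMAIL_Z.match(value) is not None


def contains_newline(value: str) -> bool:
    """Defence independent of the validator's regex: a header value never
    legitimately contains CR or LF, so reject them outright."""
    return "\r" in value or "\n" in value


def render_message(recipient: str, subject: str, body: str) -> str:
    """Naive rendering: header values are written verbatim, headers end at the
    first empty line (LF endings used here to keep the parser short)."""
    return f"To: {recipient}\nSubject: {subject}\n\n{body}"


def parse_message(rendered: str):
    """Split a rendered message the way a receiver does: the first empty line
    terminates the header section and everything after it is the body."""
    head, _, body = rendered.partition("\n\n")
    return head.split("\n"), body


if __name__ == "__main__":
    crafted = "user@example.com\n"  # constructed: passes "$", fails "\Z"
    print("$  accepts:", valid_dollar(crafted))
    print("\\Z accepts:", valid_z(crafted))
    headers, body = parse_message(render_message(crafted, "hello", "text"))
    print("headers:", headers)
    print("body:", repr(body))  # the Subject header has been pushed into the body
```

`re.match` with `$` is the subtle part: nothing else in the pattern is wrong, and the same value with a newline in the middle is still rejected, so the problem only shows up on a value whose final character is `\n`. The `contains_newline` check is worth keeping even after fixing the anchor, since it protects header construction from any other validator that makes the same mistake.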

SUSE CVE
added 2023/02/15 4:05 a.m., 2 views

SUSE CVE-2019-19588

The validators package 0.12.2 through 0.12.5 for Python enters an infinite loop when validators.domain is called with a crafted domain string. This is fixed in 0.12.6...

CVSS 7.5, AI score 6.8, EPSS 0.00446
Exploits 1, References 3

SUSE CVE
added 2023/02/15 4:03 a.m., 1 view

SUSE CVE-2020-6413

Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page...

CVSS 8.8, AI score 6.9, EPSS 0.00862
Exploits 0, References 6

Github Security Blog
added 2023/01/17 11:57 p.m., 25 views

Shopware vulnerable to Improper Input Validation of Clearance sale in cart

Impact: it is possible to put the same line item into the cart multiple times using the API; the cart validators checked the line item's individuality and the user was able to skip the clearance sale in cart. Patches: the problem has been fixed with 6.4.18.1. Workarounds: for older versions of 6.1, 6.2, and...

CVSS 7.5, AI score 7.2, EPSS 0.00298
Exploits 0, References 5, Affected software 2