4 matches found
GO-2024-2731 Evmos vulnerable to unauthorized account creation with vesting module in github.com/evmos/evmos
Evmos vulnerable to unauthorized account creation with vesting module in github.com/evmos/evmos...
GHSA-M99C-Q26R-M7M7 Evmos vulnerable to unauthorized account creation with vesting module
Impact What kind of vulnerability is it? Who is impacted? Using the vesting module, a malicious attacker can create a new vesting account at a given address, before a contract is created on that address. Addresses of smart contracts deployed to the EVM are deterministic. Therefore, it would be...
Evmos vulnerable to unauthorized account creation with vesting module
Impact What kind of vulnerability is it? Who is impacted? Using the vesting module, a malicious attacker can create a new vesting account at a given address, before a contract is created on that address. Addresses of smart contracts deployed to the EVM are deterministic. Therefore, it would be...
Improper Input Validation
github.com/cosmos/cosmos-sdk is vulnerable to Improper Input Validation. The vulnerability is due to a lack of BlockedAddressed validation in the x/auth/vesting module which would prevent the creation of a periodic vesting account. If triggered, there is the potential for a chain halt if the...