Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

OSV
OSVadded 2024/05/10 9:39 p.m.9 views

GO-2024-2638 ValidateVoteExtensions function in Cosmos SDK may allow incorrect voting power assumptions in github.com/cosmos/cosmos-sdk

The default ValidateVoteExtensions helper function infers total voting power based on the injected VoteExtension, which are injected by the proposer. If your chain utilizes the ValidateVoteExtensions helper in ProcessProposal, a dishonest proposer can potentially mutate voting power of each...

7AI score
Exploits0References3
Veracode
Veracodeadded 2024/03/13 5:16 a.m.13 views

Improper Input Validation

github.com/cosmos/cosmos-sdk is vulnerable to Improper Input Validation. The vulnerability is due to inadequate validation in the ValidateVoteExtensions function within abciutils.go. This flaw allows attackers to exploit the ValidateVoteExtensions helper function by inferring total voting power...

6.9AI score
Exploits0
Rows per page
Query Builder