CVE-2022-35936

CVE-2022-35936 (Ethermint) affects pre-0.17.2 Ethermint where selfdestruct can delete the bytecode entry, and due to a buggy DeleteAccount function, all contracts sharing the same CodeHash can fail after one contract self-destructs. Patch available in v0.18.0 which removes the deletion of contrac...

CVE-2021-43839

Cronos v0.6.5 fixes a vulnerability in Cronos nodes earlier than v0.6.5 where an attacker could drain the current-block transaction fees from Cosmos SDK’s FeeCollector by sending a crafted MsgEthereumTx. Affected: Cronos prior to v0.6.5. Root cause: improper handling enabling fee drainage at the ...