Lucene search
K
ParityFrontier

8 matches found

CVE
CVE
added 2022/08/19 8:25 p.m.96 views

CVE-2022-36008

Frontier (Substrate’s Ethereum compatibility layer) has a CVE-2022-36008 affecting parsing of the RPC exit reason for EVM reversion. In release builds, the RPC could return an incorrectly parsed exit reason; in debug builds, an overflow panic could occur. The issue is only relevant if a bridge no...

7.1CVSS6.8AI score0.00947EPSS
CVE
CVE
added 2022/01/14 5:5 p.m.75 views

CVE-2022-21685

CVE-2022-21685 affects Frontier’s MODEXP precompile in Substrate’s Ethereum compatibility layer. The root cause is a bug in the MODEXP precompile that can trigger an integer underflow. Impact: Debug builds: possible node crash Release/WebAssembly: limited impact to EVM out-of-gasMitigation: apply...

6.5CVSS6.3AI score0.01331EPSS
CVE
CVE
added 2023/03/22 8:11 p.m.69 views

CVE-2023-28431

CVE-2023-28431 describes a vulnerability in Frontier’s modexp precompile used by Substrate. The implementation treats even and odd moduli differently: odd moduli use Montgomery multiplication, while even moduli fall back to a slower plain power algorithm. This mismatch caused a gas-cost discrepan...

7.5CVSS7.3AI score0.00873EPSS
CVE
CVE
added 2022/09/24 1:25 a.m.67 views

CVE-2022-39242

CVE-2022-39242 affects Frontier, an Ethereum compatibility layer for Substrate. The root cause is that the worst-case weight was always counted as the block weight in all cases, allowing large EVM gas refunds to enable block spamming and inflate chain gas prices. The impact is limited: attack cos...

5.3CVSS5.1AI score0.00612EPSS
CVE
CVE
added 2021/09/03 5:45 p.m.63 views

CVE-2021-39193

CVE-2021-39193 concerns Frontier’s Ethereum compatibility layer (Frontier) and specifically a bug in the Substrate pallet-ethereum. Before commit 0b962f218f0cdd796dadfe26c3f09e68f7861b26, input data size validation was faulty, which could allow invalid transactions to be included in the Ethereum ...

5.3CVSS5.2AI score0.01189EPSS
CVE
CVE
added 2021/10/13 3:15 p.m.58 views

CVE-2021-41138

CVE-2021-41138 concerns Frontier, Substrate’s Ethereum compatibility layer. A signed Frontier-specific extrinsic for pallet-ethereum caused many validation checks to run only during transaction pool validation, not during block execution, allowing malicious validators to include invalid transacti...

5.3CVSS5.2AI score0.01339EPSS
CVE
CVE
added 2023/10/13 12:14 p.m.57 views

CVE-2023-45130

Frontier (Substrate’s Ethereum compatibility layer) has a CVE-2023-45130 issue where, prior to commit aea528198b3b226e0d20cce878551fd4c0e3d5d0, invoking opcode SUICIDE on a contract that has large storage can trigger a single IO call across the WebAssembly boundary to remove all storages, potenti...

7.5CVSS7.5AI score0.00893EPSS
CVE
CVE
added 2022/07/06 5:15 p.m.54 views

CVE-2022-31111

Frontier (Substrate’s Ethereum compatibility layer) is affected by a truncation error when converting between EVM balance type and Substrate balance type. In affected versions this can cause a discrepancy between the appeared EVM transfer value and the actual Substrate value transferred. The issu...

5.3CVSS5.1AI score0.01283EPSS