github.com/elrondnetwork/elrond-go is vulnerable to denial of service. The vulnerability exists in the TestSendNFTToContractWith0Function
function in asyncESDT_test.go
due to a lack of input validation, allowing an attacker to crash the system.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/elrondnetwork/elrond-go | le | v1.3.33 | |
github.com/elrondnetwork/elrond-go | le | v1.3.33 |
github.com/advisories/GHSA-qf7j-25g9-r63f
github.com/ElrondNetwork/elrond-go/blob/8e402fa6d7e91e779980122d3798b2bf50892945/integrationTests/vm/txsFee/asyncESDT_test.go#L402
github.com/ElrondNetwork/elrond-go/commit/cb487fd7be2a2077638eb34ae771a73630c870c7
github.com/ElrondNetwork/elrond-go/pull/4284
github.com/ElrondNetwork/elrond-go/security/advisories/GHSA-qf7j-25g9-r63f