Lucene search
Veracode Vulnerability DatabaseVERACODE:36965HistorySep 07, 2022 - 7:29 a.m.
Denial Of Service (DoS)
2022-09-0707:29:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
vulnerability
input validation
denial of service
asyncesdt_test.go
system crash
software
0.001 Low
EPSS
Percentile
30.7%
github.com/elrondnetwork/elrond-go is vulnerable to denial of service. The vulnerability exists in the TestSendNFTToContractWith0Function function in asyncESDT_test.go due to a lack of input validation, allowing an attacker to crash the system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/elrondnetwork/elrond-go | le | v1.3.33 | |
| github.com/elrondnetwork/elrond-go | le | v1.3.33 |
References
github.com/advisories/GHSA-qf7j-25g9-r63f
github.com/ElrondNetwork/elrond-go/blob/8e402fa6d7e91e779980122d3798b2bf50892945/integrationTests/vm/txsFee/asyncESDT_test.go#L402
github.com/ElrondNetwork/elrond-go/commit/cb487fd7be2a2077638eb34ae771a73630c870c7
github.com/ElrondNetwork/elrond-go/pull/4284
github.com/ElrondNetwork/elrond-go/security/advisories/GHSA-qf7j-25g9-r63f
Related
cve
cve
CVE-2022-36058
2022-09-06 20:15:08
github
github
gitlab
gitlab
Improper Input Validation
2022-09-06 00:00:00
Duplicate of ./go/github.com/ElrondNetwork/elrond-go/CVE-2022-36058.yml
2022-09-01 00:00:00
osv
osv
CVE-2022-36058
2022-09-06 20:15:08
nvd
nvd
CVE-2022-36058
2022-09-06 20:15:08
prion
prion
Design/Logic Flaw
2022-09-06 20:15:00
cvelist
cvelist