Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-20421 | 1 Ethereum | 1 Go Ethereum | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of service (memory consumption) by rewriting the length of a dynamic array in memory, and then writing data to a single memory location with a large index number, as demonstrated by use of "assembly { mstore }" followed by a "c[0xC800000] = 0xFF" assignment. | |||||
| CVE-2018-19184 | 1 Ethereum | 1 Go Ethereum | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attackers to cause a denial of service (SEGV) via crafted bytecode. | |||||
| CVE-2018-16733 | 1 Ethereum | 1 Go Ethereum | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Go Ethereum (aka geth) before 1.8.14, TraceChain in eth/api_tracer.go does not verify that the end block is after the start block. | |||||
| CVE-2018-12018 | 1 Ethereum | 1 Go Ethereum | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) before 1.8.11 may lead to an access violation because of an integer signedness error for the array index, which allows attackers to launch a Denial of Service attack by sending a packet with a -1 query.Skip value. The vulnerable remote node would be crashed by such an attack immediately, aka the EPoD (Ethereum Packet of Death) issue. | |||||