Описание
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before version 1.9.20 a consensus-vulnerability could cause a chain split, where vulnerable versions refuse to accept the canonical chain. The fix was included in the Paragade release version 1.9.20. No individual workaround patches have been made -- all users are recommended to upgrade to a newer version.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.9.4 (включая) до 1.9.20 (исключая)
cpe:2.3:a:ethereum:go_ethereum:*:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00183
Низкий
5.3 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-682
CWE-682
Связанные уязвимости
CVSS3: 5.3
debian
больше 4 лет назад
Go Ethereum, or "Geth", is the official Golang implementation of the E ...
CVSS3: 5.3
github
около 4 лет назад
Consensus flaw during block processing in github.com/ethereum/go-ethereum
EPSS
Процентиль: 40%
0.00183
Низкий
5.3 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-682
CWE-682