CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2021-41173 – DoS via maliciously crafted p2p message
https://notcve.org/view.php?id=CVE-2021-41173
Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading. Go Ethereum es la implementación oficial en Golang del protocolo Ethereum. • https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738 https://github.com/ethereum/go-ethereum/pull/23801 https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9 https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-39137 – Consensus flaw during block processing in go-ethereum
https://notcve.org/view.php?id=CVE-2021-39137
go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions a consensus-vulnerability in go-ethereum (Geth) could cause a chain split, where vulnerable versions refuse to accept the canonical chain. Further details about the vulnerability will be disclosed at a later date. A patch is included in the upcoming `v1.10.8` release. No workaround are available. go-ethereum es la implementación oficial Go del protocolo Ethereum. • https://github.com/ethereum/go-ethereum/releases/tag/v1.10.8 https://github.com/ethereum/go-ethereum/security/advisories/GHSA-9856-9gg9-qcmq • CWE-436: Interpretation Conflict •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26264 – LES Server DoS via GetProofsV2
https://notcve.org/view.php?id=CVE-2020-26264
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.25 a denial-of-service vulnerability can make a LES server crash via malicious GetProofsV2 request from a connected LES client. This vulnerability only concerns users explicitly enabling les server; disabling les prevents the exploit. The vulnerability was patched in version 1.9.25. Go Ethereum, o "Geth", es la implementación oficial de Golang del protocolo Ethereum. • https://github.com/ethereum/go-ethereum/commit/bddd103a9f0af27ef533f04e06ea429cf76b6d46 https://github.com/ethereum/go-ethereum/pull/21896 https://github.com/ethereum/go-ethereum/releases/tag/v1.9.25 https://github.com/ethereum/go-ethereum/security/advisories/GHSA-r33q-22hv-j29q • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26265 – Consensus flaw during block processing
https://notcve.org/view.php?id=CVE-2020-26265
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before version 1.9.20 a consensus-vulnerability could cause a chain split, where vulnerable versions refuse to accept the canonical chain. The fix was included in the Paragade release version 1.9.20. No individual workaround patches have been made -- all users are recommended to upgrade to a newer version. Go Ethereum, o "Geth", es la implementación oficial de Golang del protocolo Ethereum. • https://github.com/ethereum/go-ethereum/releases/tag/v1.9.20 https://github.com/ethereum/go-ethereum/security/advisories/GHSA-xw37-57qp-9mm4 • CWE-682: Incorrect Calculation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26240 – Erroneous Proof of Work calculation in geth
https://notcve.org/view.php?id=CVE-2020-26240
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. An ethash mining DAG generation flaw in Geth before version 1.9.24 could cause miners to erroneously calculate PoW in an upcoming epoch (estimated early January, 2021). This happened on the ETC chain on 2020-11-06. This issue is relevant only for miners, non-mining nodes are unaffected. This issue is fixed as of 1.9.24 Go Ethereum, o "Geth", es la implementación oficial de Golang del protocolo Ethereum. • https://blog.ethereum.org/2020/11/12/geth_security_release https://github.com/ethereum/go-ethereum/commit/d990df909d7839640143344e79356754384dcdd0 https://github.com/ethereum/go-ethereum/pull/21793 https://github.com/ethereum/go-ethereum/security/advisories/GHSA-v592-xf75-856p • CWE-682: Incorrect Calculation •