CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-42374
https://notcve.org/view.php?id=CVE-2023-42374
13 Feb 2024 — An issue in mystenlabs Sui Blockchain before v.1.6.3 allow a remote attacker to execute arbitrary code and cause a denial of service via a crafted compressed script to the Sui node component. Un problema en mystenlabs Sui Blockchain anterior a v.1.6.3 permite a un atacante remoto ejecutar código arbitrario y provocar una denegación de servicio a través de un script comprimido manipulado para el componente del nodo Sui. • https://beosin.com/resources/%22memory-bomb%22-vulnerability-causes-sui-node-to-crash?lang=en-US • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-36184
https://notcve.org/view.php?id=CVE-2023-36184
08 Sep 2023 — CMysten Labs Sui blockchain v1.2.0 was discovered to contain a stack overflow via the component /spec/openrpc.json. Se descubrió que CMysten Labs Sui blockchain v1.2.0 contiene un desbordamiento de pila a través del componente "/spec/openrpc.json". • https://github.com/MystenLabs/sui/commit/8b681515c0cf435df2a54198a28ab4ef574d202b • CWE-787: Out-of-bounds Write •