CVE-2018-1000618
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
EOSIO/eos eos version after commit f1545dd0ae2b77580c2236fdb70ae7138d2c7168 contains a stack overflow vulnerability in abi_serializer that can result in attack eos network node. This attack appear to be exploitable via network request. This vulnerability appears to have been fixed in after commit cf7209e703e6d3f7a5413e0cb1fe88a4d8e4b38d .
EOSIO/eos eos en versiones tras el commit con ID f1545dd0ae2b77580c2236fdb70ae7138d2c7168 contiene una vulnerabilidad de desbordamiento de pila en abi_serializer que puede resultar en un ataque al nodo de red de eos. Este ataque parece ser explotable mediante una peticiĆ³n de red. La vulnerabilidad parece haber sido solucionada tras el commit con ID cf7209e703e6d3f7a5413e0cb1fe88a4d8e4b38d.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-07-09 CVE Reserved
- 2018-07-09 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-674: Uncontrolled Recursion
CAPEC
References (1)
URL | Tag | Source |
---|---|---|
https://github.com/EOSIO/eos/pull/4112 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Eosio Project Search vendor "Eosio Project" | Eos Search vendor "Eosio Project" for product "Eos" | - | - |
Affected
|