CPE-C284920C-8AD0-4FF6-BAF9-26A5807457C7 Detail

CPE Details

Ethereum Go Ethereum 1.10.9

Vendor

ethereum

Product

go_ethereum

Version

1.10.9

Created

2021-11-23
14h15 +00:00

Modified

2022-07-07
17h22 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:ethereum:go_ethereum:1.10.9:::::::*

Informations

Vendor

ethereum

Product

go_ethereum

Version

1.10.9

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2023-42319	2023-10-17 22h00 +00:00	Geth (aka go-ethereum) through 1.13.4, when --http --graphql is used, allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a crafted GraphQL query. NOTE: the vendor's position is that the "graphql endpoint [is not] designed to withstand attacks by hostile clients, nor handle huge amounts of clients/traffic.	7.5	High
CVE-2023-40591	2023-09-06 18h07 +00:00	go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node, can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix is included in geth version `1.12.1-stable`, i.e, `1.12.2-unstable` and onwards. Users are advised to upgrade. There are no known workarounds for this vulnerability.	7.5	High
CVE-2022-37450	2022-08-05 18h30 +00:00	Go Ethereum (aka geth) through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making (RUM), as exploited in the wild in 2020 through 2022.	5.9	Medium
CVE-2022-29177	2022-05-20 14h20 +00:00	Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Version 1.10.17 contains a patch that addresses the problem. As a workaround, setting loglevel to default level (`INFO`) makes the node not vulnerable to this attack.	5.9	Medium
CVE-2021-42219	2022-03-16 22h02 +00:00	Go-Ethereum v1.10.9 was discovered to contain an issue which allows attackers to cause a denial of service (DoS) via sending an excessive amount of messages to a node. This is caused by missing memory in the component /ethash/algorithm.go.	7.5	High
CVE-2022-23327	2022-03-04 10h24 +00:00	A design flaw in Go-Ethereum 1.10.12 and older versions allows an attacker node to send 5120 future transactions with a high gas price in one message, which can purge all of pending transactions in a victim node's memory pool, causing a denial of service (DoS).	7.5	High
CVE-2021-43668	2021-11-18 14h05 +00:00	Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a serial of messages and cannot be recovered. They will crash with "runtime error: invalid memory address or nil pointer dereference" and arise a SEGV signal.	5.5	Medium

Ethereum Go Ethereum 1.10.9

CPE Details

CPE Name: cpe:2.3:a:ethereum:go_ethereum:1.10.9:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:ethereum:go_ethereum:1.10.9:::::::*