CVE-2020-20178
Published: 24 May 2021
Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919#code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can make attacks by creating a series of account addresses.
Notes
Author | Note |
---|---|
mdeslaur | Description refers to openldap, RedHat bug refers to this CVE but is for ansible. SUSE bug refers to commits from CVE-2021-27212 Not clear what this CVE applies to as of 2021-06-09 As of 2021-06-18, mitre description has switched to something related to ethereum. Not sure what this CVE is about, but marking it as not-affected. |
Priority
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.5 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | None |
Integrity impact | None |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |