cve/CVE-2023-34458.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 4edef1e4c8 Update CVE sources 2024-05-28 08:49

2024-05-28 08:49:17 +00:00

1.2 KiB

Raw Permalink Blame History

CVE-2023-34458

Description

mx-chain-go is the official implementation of the MultiversX blockchain protocol, written in golang. When executing a relayed transaction, if the inner transaction failed, it would have increased the inner transaction's sender account nonce. This could have contributed to a limited DoS attack on a targeted account. The fix is a breaking change so a new flag RelayedNonceFixEnableEpoch was needed. This was a strict processing issue while validating blocks on a chain. This vulnerability has been patched in version 1.4.17.

POC

Reference

No PoCs from references.

Github

https://github.com/fkie-cad/nvd-json-data-feeds
https://github.com/miguelc49/CVE-2023-34458-1
https://github.com/miguelc49/CVE-2023-34458-2
https://github.com/miguelc49/CVE-2023-34458-3
https://github.com/nomi-sec/PoC-in-GitHub

1.2 KiB Raw Permalink Blame History

CVE-2023-34458

Description

POC

Reference

Github

1.2 KiB

Raw Permalink Blame History