go-ethereum
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Official Go implementation of the Ethereum protocol |
| Version | 1.14.11-1 [extra] |
Open
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2569 | 1.10.13-1 | Low | Vulnerable |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-43668 | AVG-2569 | Low | Yes | Denial of service | Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a serial of messages and cannot be recovered. They will crash with "runtime error:... |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2320 | 1.10.7-1 | 1.10.8-1 | High | Fixed | |
| AVG-1353 | 1.9.19-1 | 1.9.20-1 | High | Fixed | |
| AVG-1351 | 1.9.24-2 | 1.9.25-1 | Medium | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-39137 | AVG-2320 | High | Yes | Incorrect calculation | In go-ethereum before version 1.10.8, a consensus vulnerability could cause a chain split where vulnerable versions refuse to accept the canonical chain. |
| CVE-2020-26265 | AVG-1353 | High | Yes | Incorrect calculation | In go-ethereum from version 1.9.4 and before version 1.9.20, a consensus-vulnerability could cause a chain split, where vulnerable versions refuse to accept... |
| CVE-2020-26264 | AVG-1351 | Medium | Yes | Denial of service | In go-ethereum before version 1.9.25, a denial-of-service vulnerability can make a LES server crash via malicious GetProofsV2 request from a connected LES... |