go-ethereum

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Official Go implementation of the Ethereum protocol
Version 1.14.12-1 [extra]

Open

Group Affected Fixed Severity Status Ticket
AVG-2569 1.10.13-1 Low Vulnerable
Issue Group Severity Remote Type Description
CVE-2021-43668 AVG-2569 Low Yes Denial of service
Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a serial of messages and cannot be recovered. They will crash with "runtime error:...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2320 1.10.7-1 1.10.8-1 High Fixed
AVG-1353 1.9.19-1 1.9.20-1 High Fixed
AVG-1351 1.9.24-2 1.9.25-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2021-39137 AVG-2320 High Yes Incorrect calculation
In go-ethereum before version 1.10.8, a consensus vulnerability could cause a chain split where vulnerable versions refuse to accept the canonical chain.
CVE-2020-26265 AVG-1353 High Yes Incorrect calculation
In go-ethereum from version 1.9.4 and before version 1.9.20, a consensus-vulnerability could cause a chain split, where vulnerable versions refuse to accept...
CVE-2020-26264 AVG-1351 Medium Yes Denial of service
In go-ethereum before version 1.9.25, a denial-of-service vulnerability can make a LES server crash via malicious GetProofsV2 request from a connected LES...