Improper Input Validation Affecting gethdevelop Open this link in a new tab package, versions >=0.0.0
Attack Complexity
Low
Integrity
High
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications-
snyk-id
SNYK-COCOAPODS-GETHDEVELOP-472155
-
published
8 Oct 2019
-
disclosed
8 Sep 2018
-
credit
Chen Nan
Introduced: 8 Sep 2018
CVE-2018-16733 Open this link in a new tabHow to fix?
There is no fixed version for GethDevelop
.
Overview
GethDevelop is a golang implementation of the Ethereum protocol.
Affected versions of this package are vulnerable to Improper Input Validation. TraceChain in eth/api_tracer.go
does not verify that the end block is after the start block.