Improper Resource Shutdown or Release Affecting fisco-bcos/fisco-bcos Open this link in a new tab package, versions [0,]

Attack Complexity

Low
Availability

High

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

snyk-id

SNYK-UNMANAGED-FISCOBCOSFISCOBCOS-2825206
published

16 May 2022
disclosed

16 May 2022
credit

Unknown

Report a new vulnerability Found a mistake?

Introduced: 16 May 2022

CVE-2022-28937 Open this link in a new tab CWE-404 Open this link in a new tab

How to fix?

A fix was pushed into the master branch but not yet published.

Overview

Affected versions of this package are vulnerable to Improper Resource Shutdown or Release where a malicious node, via an invalid proposal with an invalid header, will cause normal nodes to stop producing new blocks and processing new clients' requests.

References

GitHub Issue
GitHub PR

Improper Resource Shutdown or Release Affecting fisco-bcos/fisco-bcos Open this link in a new tab package, versions [0,]

Attack Complexity

Availability

snyk-id

published

disclosed

credit

Introduced: 16 May 2022

How to fix?

Overview

References