Vulnerability in Spacemeshos Go-spacemesh
CVE-2024-34360
go-spacemesh is a Go implementation of the Spacemesh protocol full node. Nodes can publish activations transactions (ATXs) which reference the incorrect previous ATX of the Smesher that created the ATX. ATXs are expected to form a single c…
EPSS: 0.007 (49.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N.
Affected products
- Spacemeshos Go-spacemesh — versions < 1.5.2-hotfix1
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)
- security-advisories@github.com (x_refsource_MISC)
- security-advisories@github.com (x_refsource_MISC)
Frequently asked questions
- What is CVE-2024-34360?
- CVE-2024-34360 is a high-severity vulnerability in Spacemeshos Go-spacemesh, classified under Improper Check for Unusual or Exceptional Conditions. CVSS score: 8.2/10. Published 2024-05-14.
- How severe is CVE-2024-34360?
- High severity. CVSS v3 base score is 8.2 out of 10.