Skip to main content

Tendermint

3 CVEs product

Monthly

CVE-2021-21271 Go MEDIUM PATCH This Month

Tendermint Core is an open source Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Tendermint
NVD GitHub
CVSS 3.1
6.5
EPSS
1.7%
CVE-2020-15091 Go MEDIUM POC PATCH This Month

TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Jwt Attack Information Disclosure Tendermint
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-5303 Go LOW PATCH Monitor

Tendermint before versions 0.33.3, 0.32.10, and 0.31.12 has a denial-of-service vulnerability. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Tendermint
NVD GitHub
CVSS 3.1
3.7
EPSS
1.3%
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Tendermint Core is an open source Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Tendermint
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Jwt Attack Information Disclosure Tendermint
NVD GitHub
EPSS 1% CVSS 3.7
LOW PATCH Monitor

Tendermint before versions 0.33.3, 0.32.10, and 0.31.12 has a denial-of-service vulnerability. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Tendermint
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy