Aleth Ethereum C++ Client up to 1.8.0 JSON File config.json stack-based overflow

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, has been found in Aleth Ethereum C++ Client up to 1.8.0. This issue affects an unknown part of the file config.json of the component JSON File Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field01/11/2021 05:15 PM02/11/2021 07:11 AM02/11/2021 07:14 AM
nameAleth Ethereum C++ ClientAleth Ethereum C++ ClientAleth Ethereum C++ Client
version<=1.8.0<=1.8.0<=1.8.0
componentJSON File HandlerJSON File HandlerJSON File Handler
fileconfig.jsonconfig.jsonconfig.json
cwe121 (memory corruption)121 (memory corruption)121 (memory corruption)
risk222
cvss3_vuldb_acLLL
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
urlhttps://github.com/ethereum/aleth/issues/5917https://github.com/ethereum/aleth/issues/5917https://github.com/ethereum/aleth/issues/5917
cveCVE-2020-26800CVE-2020-26800CVE-2020-26800
date1610319600 (01/11/2021)1610319600 (01/11/2021)1610319600 (01/11/2021)
cvss2_vuldb_acLLL
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_vuldb_avAAA
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlNDNDND
cvss2_vuldb_rcNDNDND
cvss3_vuldb_avAAA
cvss3_vuldb_prLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_eXXX
cvss3_vuldb_rlXXX
cvss3_vuldb_rcXXX
cvss2_vuldb_basescore5.25.25.2
cvss2_vuldb_tempscore5.25.25.2
cvss3_vuldb_basescore5.55.55.5
cvss3_vuldb_tempscore5.55.55.5
cvss3_meta_basescore5.55.55.5
cvss3_meta_tempscore5.55.55.5
price_0day$0-$5k$0-$5k$0-$5k
cve_assigned16020216001602021600
cve_nvd_summaryA stack overflow vulnerability in Aleth Ethereum C++ client versionA stack overflow vulnerability in Aleth Ethereum C++ client version
cvss3_nvd_avL
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiR
cvss3_nvd_sU
cvss3_nvd_cN
cvss3_nvd_iN
cvss3_nvd_aH
cvss2_nvd_avN
cvss2_nvd_acM
cvss2_nvd_auN
cvss2_nvd_ciN
cvss2_nvd_iiN
cvss2_nvd_aiP
cvss2_nvd_basescore4.3
cvss3_nvd_basescore5.5

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!