CVE-2018-14715

N/A

Descripcion

The endCoinFlip function and throwSlammer function of the smart contract implementations for Cryptogs, an Ethereum game, generate random numbers with an old block's hash. Therefore, attackers can predict the random number and always win the game.

Detalles CVE

Puntuacion CVSS v3.1N/A

Publicado8/3/2018

Ultima modificacion11/21/2024

Fuentenvd

Avistamientos honeypot0

Productos afectados

cryptogs:cryptogs

Debilidades (CWE)

CWE-338

Referencias

https://medium.com/%40jonghyk.song/attack-on-pseudo-random-number-generator-prng-used-in-cryptogs-an-ethereum-cve-2018-14715-f63a51ac2eb9(cve@mitre.org)

https://medium.com/%40jonghyk.song/attack-on-pseudo-random-number-generator-prng-used-in-cryptogs-an-ethereum-cve-2018-14715-f63a51ac2eb9(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.