VYPR
High severityNVD Advisory· Published Jan 30, 2020· Updated Aug 4, 2024

Ethereum Name Service - Malicious takeover of previously owned ENS names

CVE-2020-5232

Description

A user who owns an ENS domain can set a trapdoor, allowing them to transfer ownership to another user, and later regain ownership without the new owners consent or awareness. A new ENS deployment is being rolled out that fixes this vulnerability in the ENS registry.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
@ensdomains/ensnpm
< 0.4.00.4.0

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.