VYPR

Go Ethereum

by Ethereum

Source repositories

CVEs (17)

  • CVE-2025-24883HigJan 30, 2025
    risk 0.50cvss epss 0.01

    go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.14.13.

  • CVE-2024-32972HigMay 6, 2024
    risk 0.42cvss 7.5epss 0.01

    go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in…

  • CVE-2026-26315Feb 19, 2026
    risk 0.00cvss epss 0.00

    go-ethereum (Geth) is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.16.9, through a flaw in the ECIES cryptography implementation, an attacker may be able to extract bits of the p2p node key. The issue is resolved in the v1.16.9 and v1.17.0…

  • CVE-2026-26314Feb 19, 2026
    risk 0.00cvss epss 0.01

    go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.16.9, a vulnerable node can be forced to shutdown/crash using a specially crafted message. The problem is resolved in the v1.16.9 and v1.17.0 releases of Geth.

  • CVE-2026-26313Feb 19, 2026
    risk 0.00cvss epss 0.01

    go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.17.0, an attacker can cause high memory usage by sending a specially-crafted p2p message. The issue is resolved in the v1.17.0 release.

  • CVE-2026-22868Jan 13, 2026
    risk 0.00cvss epss 0.01

    go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.16.8.

  • CVE-2026-22862Jan 13, 2026
    risk 0.00cvss epss 0.01

    go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.16.8.

  • CVE-2023-40591Sep 6, 2023
    risk 0.00cvss epss 0.01

    go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node, can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix is included in geth version…

  • CVE-2022-29177May 20, 2022
    risk 0.00cvss epss 0.01

    Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Version 1.10.17…

  • CVE-2021-41173Oct 26, 2021
    risk 0.00cvss epss 0.01

    Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known…

  • CVE-2021-39137Aug 24, 2021
    risk 0.00cvss epss 0.02

    go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions a consensus-vulnerability in go-ethereum (Geth) could cause a chain split, where vulnerable versions refuse to accept the canonical chain. Further details about the vulnerability will be…

  • CVE-2020-26264Dec 11, 2020
    risk 0.00cvss epss 0.02

    Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.25 a denial-of-service vulnerability can make a LES server crash via malicious GetProofsV2 request from a connected LES client. This vulnerability only concerns…

  • CVE-2020-26265Dec 11, 2020
    risk 0.00cvss epss 0.01

    Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before version 1.9.20 a consensus-vulnerability could cause a chain split, where vulnerable versions refuse to accept the canonical chain. The fix was included…

  • CVE-2020-26240Nov 25, 2020
    risk 0.00cvss epss 0.02

    Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. An ethash mining DAG generation flaw in Geth before version 1.9.24 could cause miners to erroneously calculate PoW in an upcoming epoch (estimated early January, 2021). This happened on the…

  • CVE-2020-26241Nov 25, 2020
    risk 0.00cvss epss 0.01

    Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. This is a Consensus vulnerability in Geth before version 1.9.17 which can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth's pre-compiled dataCopy (at…

  • CVE-2020-26242Nov 25, 2020
    risk 0.00cvss epss 0.01

    Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.18, there is a Denial-of-service (crash) during block processing. This is fixed in 1.9.18.

  • CVE-2018-20421Dec 24, 2018
    risk 0.00cvss epss 0.01

    Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of service (memory consumption) by rewriting the length of a dynamic array in memory, and then writing data to a single memory location with a large index number, as demonstrated by use of "assembly { mstore }"…