VYPR
Vendor

FISCO-BCOS

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2022-28937HigMay 15, 2022
    risk 0.49cvss 7.5epss 0.01

    FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node, via an invalid proposal with an invalid header, will cause normal nodes to stop producing new blocks and processing new clients' requests.

  • CVE-2022-28936HigMay 15, 2022
    risk 0.49cvss 7.5epss 0.01

    FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node can trigger an integer overflow and cause a Denial of Service (DoS) via an unusually large viewchange message packet.

  • CVE-2022-26534HigMar 17, 2022
    risk 0.49cvss 7.5epss 0.01

    FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node, via a malicious viewchange packet, will cause normal nodes to change view excessively and stop generating blocks.

  • CVE-2021-46359HigFeb 7, 2022
    risk 0.49cvss 7.5epss 0.01

    FISCO-BCOS release-3.0.0-rc2 contains a denial of service vulnerability. Some transactions may not be committed successfully, and malicious users may use this to achieve double-spending attacks.

  • CVE-2021-35041HigJun 24, 2021
    risk 0.49cvss 7.5epss 0.01

    The blockchain node in FISCO-BCOS V2.7.2 may have a bug when dealing with unformatted packet and lead to a crash. A malicious node can send a packet continuously. The packet is in an incorrect format and cannot be decoded by the node correctly. As a result, the node may consume…

  • CVE-2024-58131MedApr 6, 2025
    risk 0.26cvss 4.0epss 0.00

    FISCO BCOS 3.11.0 has an issue with synchronization of the transaction pool that can, for example, be observed when a malicious node (that has modified the codebase to allow a large min_seal_time value) joins a blockchain network.