CVE-2018-19154
HIGHHTMLCOIN < 2.12 - Unauthenticated Denial of Service via Invalid Headers/Blocks
Title source: llmDescription
HTMLCOIN through 2.12 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim's disk and RAM.
References (2)
Core 2
Core References
Various Sources x_refsource_misc
https://medium.com/%40dsl_uiuc/fake-stake-attacks-on-chain-based-proof-of-stake-cryptocurrencies-b8b05723f806
Third Party Advisory x_refsource_misc
http://fc19.ifca.ai/preproceedings/180-preproceedings.pdf
Scores
CVSS v3
7.5
EPSS
0.0130
EPSS Percentile
66.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-400
Status
published
Products (1)
htmlcoin/htmlcoin
< 2.12
Published
Nov 05, 2019
Tracked Since
Feb 18, 2026