CVE-2018-19155
HIGHnavcoin < 4.3.0 - Remote Denial of Service via Invalid Headers/Blocks
Title source: llmDescription
navcoin through 4.3.0 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim's disk and RAM.
References (2)
Core 2
Core References
Various Sources x_refsource_misc
https://medium.com/%40dsl_uiuc/fake-stake-attacks-on-chain-based-proof-of-stake-cryptocurrencies-b8b05723f806
Third Party Advisory x_refsource_misc
http://fc19.ifca.ai/preproceedings/180-preproceedings.pdf
Scores
CVSS v3
7.5
EPSS
0.0130
EPSS Percentile
66.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-400
Status
published
Products (1)
navcoin/navcoin
< 4.3.0
Published
Nov 05, 2019
Tracked Since
Feb 18, 2026