CVE-2018-19162
HIGHDivi < 4.0.5.0 - Remote Denial of Service via Invalid Block Storage
Title source: llmDescription
Divi through 4.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.
References (2)
Core 2
Core References
Various Sources x_refsource_misc
https://medium.com/%40dsl_uiuc/fake-stake-attacks-on-chain-based-proof-of-stake-cryptocurrencies-b8b05723f806
Third Party Advisory x_refsource_misc
http://fc19.ifca.ai/preproceedings/180-preproceedings.pdf
Scores
CVSS v3
7.5
EPSS
0.0130
EPSS Percentile
66.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-400
Status
published
Products (1)
diviproject/divi
< 4.0.5.0
Published
Nov 05, 2019
Tracked Since
Feb 18, 2026