vulnerability

Alpine Linux: CVE-2022-37450: Vulnerability in Multiple Components

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:N/I:C/A:N)	Aug 5, 2022	Aug 22, 2024	Oct 2, 2024

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:C/A:N)

Published

Aug 5, 2022

Added

Aug 22, 2024

Modified

Oct 2, 2024

Description

Go Ethereum (aka geth) through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making (RUM), as exploited in the wild in 2020 through 2022.

Solution

alpine-linux-upgrade-geth

References

CVE-2022-37450
https://attackerkb.com/topics/CVE-2022-37450
URL-https://security.alpinelinux.org/vuln/CVE-2022-37450

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today