Security Advisories for github.com/cometbft/cometbft in go
High
8 months ago
CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts
go
github.com/cometbft/cometbft
Moderate
8 months ago
CometBFT allows a malicious peer to make node stuck in blocksync
go
github.com/cometbft/cometbft
High
11 months ago
CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data
go
github.com/cometbft/cometbft
Moderate
over 1 year ago
CometBFT is unstability during blocksync when syncing from malicious peer
go
github.com/cometbft/cometbft
Low
over 1 year ago
ASA-2024-004: Default configuration param for Evidence may limit window of validity
go
github.com/cometbft/cometbft
High
over 1 year ago
Validation of `VoteExtensionsEnableHeight` can cause chain halt in Go package github.com/cometbft/cometbft
go
github.com/cometbft/cometbft
Low
about 2 years ago
CometBFT's default for `BlockParams.MaxBytes` consensus parameter may increase block times and affect consensus participation
go
github.com/cometbft/cometbft
High
about 2 years ago
CometBFT may duplicate transactions in the mempool's data structures
go
github.com/cometbft/cometbft
Moderate
about 2 years ago
CometBFT PeerState JSON serialization deadlock
go
github.com/cometbft/cometbft