{"id":"CVE-2018-19151","details":"qtum through 0.16 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim's disk and RAM.","modified":"2026-04-10T04:12:50.825046Z","published":"2019-10-29T20:15:10.927Z","references":[{"type":"WEB","url":"https://medium.com/%40dsl_uiuc/fake-stake-attacks-on-chain-based-proof-of-stake-cryptocurrencies-b8b05723f806"},{"type":"ADVISORY","url":"http://fc19.ifca.ai/preproceedings/180-preproceedings.pdf"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/qtumproject/qtum","events":[{"introduced":"0"},{"last_affected":"56845d768f21e7a488ed495bac6443a612b67355"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.16"}]}}],"versions":["bitcoin_v0.14.0","bitcoin_v0.14.0rc3","mainnet-ignition-v0.14.11","mainnet-ignition-v0.14.12","mainnet-ignition-v0.14.13","mainnet-ignition-v0.14.14","mainnet-ignition-v0.14.15","mainnet-ignition-v0.14.16","mainnet-ignition-v0.14.17","mainnet-ignition-v0.15.1","mainnet-ignition-v0.15.2","mainnet-ignition-v0.15.3","mainnet-ignition-v0.16.0","mainnet-ignition-v1.0","mainnet-ignition-v1.0.1","mainnet-ignition-v1.0.2","mainnet-ignition-v1.0.3","mainnet-ignition-v1.0.4","mainnet-ignition-v1.1.0","mainnet-ignition-v1.1.1","mainnet-ignition-v1.1.2","mainnet-ignition-v1.1.3","mainnet-ignition-v1.1.4"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19151.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}