{"id":"CVE-2018-19158","details":"ColossusCoinXT through 1.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.","modified":"2026-04-10T04:11:24.489541Z","published":"2019-03-21T16:00:30.140Z","references":[{"type":"WEB","url":"https://medium.com/%40dsl_uiuc/fake-stake-attacks-on-chain-based-proof-of-stake-cryptocurrencies-b8b05723f806"},{"type":"ADVISORY","url":"http://fc19.ifca.ai/preproceedings/180-preproceedings.pdf"},{"type":"FIX","url":"https://github.com/ColossusCoinXT/ColossusCoinXT/compare/0223904...9666bb8"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/colossuscoinxt/colossuscoinxt","events":[{"introduced":"0"},{"last_affected":"701af04f31e86a8ae4d6dc147c6e22fa2fb71a15"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.0.5"}]}}],"versions":["2.0.0.0","v0.11.0.0","v0.11.0.1","v0.11.0.10","v0.11.0.11","v0.11.0.12","v0.11.0.13","v0.11.0.14","v0.11.0.2","v0.11.0.3","v0.11.0.4","v0.11.0.5","v0.11.0.6","v0.11.0.7","v0.11.0.8","v0.11.1.20","v0.11.1.21","v0.11.1.22","v0.11.1.23","v0.11.1.24","v0.11.1.25","v0.11.2.16","v0.11.2.17","v0.11.2.21","v0.11.2.22","v0.11.2.23","v0.12.0.44","v0.12.0.45","v0.12.0.46","v0.12.0.47","v0.12.0.48","v0.12.0.49","v0.12.0.51","v0.12.0.52","v0.12.0.53","v0.12.0.55","v0.12.0.56","v0.3.1","v0.3.11_notexact","v0.3.1rc1","v0.3.2","v0.3.20","v0.3.20.01_closest","v0.3.20.2_closest","v0.3.21","v0.3.21rc","v0.3.22","v0.3.22rc1","v0.3.22rc2","v0.3.22rc3","v0.3.22rc4","v0.3.23","v0.3.23rc1","v0.3.24","v0.3.24rc1","v0.3.24rc2","v0.3.24rc3","v0.3.3","v0.3.6","v0.3.7","v0.3.8","v0.4.0","v0.4.00rc1","v0.4.00rc2","v0.5.0","v0.5.0rc1","v0.5.0rc2","v0.5.0rc4","v0.5.0rc5","v0.5.0rc6","v0.5.0rc7","v0.5.1","v0.5.1rc1","v0.5.1rc2","v0.6.0","v0.6.0rc1","v0.6.0rc2","v0.6.0rc3","v0.6.0rc4","v0.6.0rc5","v0.6.0rc6","v0.6.1","v0.6.1rc1","v0.6.1rc2","v0.7.0","v0.7.0rc1","v0.7.0rc2","v0.7.0rc3","v0.7.1","v0.7.1rc1","v0.8.0","v0.8.0rc1","v0.8.2","v0.8.2rc1","v0.8.2rc2","v0.8.2rc3","v1.0.0","v1.0.0-linux","v1.0.0-mac","v1.0.0.0","v1.0.1-win","v1.0.1.0","v1.0.2.0","v1.0.2.1","v1.0.3","v1.0.5","v1.1.0.0","v1.1.0.1","v1.1.0.2","v2.0.0.0","v2.0.1.0","v2.0.2.0","v2.0.3.0","v2.0.4.0","v2.0.5.0","v2.1.0.0","v2.1.1.0","v2.1.2.0","v2.1.2.1","v2.1.2.2","v2.1.2.3","v2.1.3.0","v2.1.3.1","v2.1.3.2","v2.1.3.3","v2.1.3.4","v2.1.4.0","v2.1.6","v2.1.7"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19158.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}