{"id":"CVE-2018-19162","details":"Divi through 4.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.","modified":"2026-07-08T16:40:07.468003Z","published":"2019-11-05T21:15:12.760Z","references":[{"type":"WEB","url":"https://medium.com/%40dsl_uiuc/fake-stake-attacks-on-chain-based-proof-of-stake-cryptocurrencies-b8b05723f806"},{"type":"ADVISORY","url":"http://fc19.ifca.ai/preproceedings/180-preproceedings.pdf"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/diviproject/divi","events":[{"introduced":"0"},{"last_affected":"0268f11938081042847e292e4bcd19c7fbcb4ae4"}],"database_specific":{"cpe":"cpe:2.3:a:diviproject:divi:*:*:*:*:*:*:*:*","source":"CPE_RANGE","extracted_events":[{"introduced":"0"},{"last_affected":"4.0.5.0"}]}}],"versions":["Release-4.0.5.0","Release-4.0.3.0","Release-4.0.2.0","Release-4.0.1.1","Release-4.0.1.0","Release-4.0.0.2","Release-4.0.0.1","Release-4.0.0.0","w1.1.13","Mainnet","Desktop-GUI","CLI"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19162.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}