{"id":"GO-2021-0075","summary":"Panic due to improper validation of RPC messages in github.com/ethereum/go-ethereum","details":"Due to improper argument validation in RPC messages, a maliciously crafted message can cause a panic, leading to denial of service.","aliases":["CVE-2018-12018","GHSA-p5gc-957x-gfw9"],"modified":"2024-06-03T20:51:31Z","published":"2021-04-14T20:04:52Z","database_specific":{"url":"https://pkg.go.dev/vuln/GO-2021-0075","review_status":"REVIEWED"},"references":[{"type":"FIX","url":"https://github.com/ethereum/go-ethereum/pull/16891"},{"type":"FIX","url":"https://github.com/ethereum/go-ethereum/commit/a5237a27eaf81946a3edb4fafe13ed6359d119e4"}],"affected":[{"package":{"name":"github.com/ethereum/go-ethereum","ecosystem":"Go","purl":"pkg:golang/github.com/ethereum/go-ethereum"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.8.11"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/ethereum/go-ethereum/les","symbols":["ProtocolManager.handleMsg"]}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2021-0075.json"}}],"schema_version":"1.7.3"}