{"id":"GO-2022-0256","summary":"Panic via maliciously crafted message in github.com/ethereum/go-ethereum","details":"A maliciously crafted snap/1 protocol message can cause a panic.","aliases":["CVE-2021-41173","GHSA-59hh-656j-3p7v"],"modified":"2024-05-20T16:03:47Z","published":"2022-07-15T23:08:03Z","database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0256","review_status":"REVIEWED"},"references":[{"type":"FIX","url":"https://github.com/ethereum/go-ethereum/pull/23657/commits/f1fd963a5a965e643e52fcf805a2a02a323c32b8"}],"affected":[{"package":{"name":"github.com/ethereum/go-ethereum","ecosystem":"Go","purl":"pkg:golang/github.com/ethereum/go-ethereum"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.10.9"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/ethereum/go-ethereum/eth/protocols/snap","symbols":["handleMessage"]},{"path":"github.com/ethereum/go-ethereum/trie","symbols":["SecureTrie.TryGetNode","Trie.TryGetNode","Trie.tryGetNode"]}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2022-0256.json"}}],"schema_version":"1.7.3"}