Vulnerability Report: GO-2024-2694
- GHSA-j496-crgh-34mx
- Affects: github.com/cosmos/ibc-go, github.com/cosmos/ibc-go/v2, and 6 more
- Published: May 20, 2024
Potential Reentrancy using Timeout Callbacks in ibc-hooks in github.com/cosmos/ibc-go
For detailed information about this vulnerability, visit https://github.com/cosmos/ibc-go/security/advisories/GHSA-j496-crgh-34mx.
Affected Packages
-
PathGo VersionsSymbols
-
before v4.6.0
-
before v5.4.0
-
before v6.3.0
-
before v7.4.0
-
before v8.2.0
Affected Modules
-
PathGo Versions
-
all versions, no known fixed
-
all versions, no known fixed
-
all versions, no known fixed
Aliases
References
- https://github.com/cosmos/ibc-go/security/advisories/GHSA-j496-crgh-34mx
- https://github.com/cosmos/ibc-go/commit/04275aa77644dec97fb91b749d963c992591b7f7
- https://github.com/cosmos/ibc-go/commit/278fa89f192af04af32d82fd5ef41f84f82edd97
- https://github.com/cosmos/ibc-go/commit/5e2e9ebc2f67df324028dd36a1837ffcc8e6b0dd
- https://github.com/cosmos/ibc-go/commit/a0185df3953070ba5ebcb66735925449d1dbe729
- https://github.com/cosmos/ibc-go/commit/e78b3a2b9c9ce80a67d6b1c2b7f9abcb225cc219
- https://vuln.go.dev/ID/GO-2024-2694.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.