PT-2025-11230 — Go Github.Com/Cheqd/Cheqd-Node

PT-2025-11230 · Go · Github.Com/Cheqd/Cheqd-Node

Publicado

2025-03-13

Atualizado

2025-03-13

Nenhuma

Não há classificações de severidade ou métricas disponíveis. Quando houver, atualizaremos as informações correspondentes na página.

Description

There have been two upstream security advisories and associated patches published under ISA-2025-001 and ISA-2025-002.

ISA-2025-001 affects the IBC-Go package., where non-deterministic JSON unmarshalling of IBC Acknowledgements can result in a chain halt.

ISA-2025-002 affects the Cosmos SDK package, where x/group can halt when erroring in EndBlocker.

Impact

If unaddressed, this could result in a chain halt.

Patches

Validators, full nodes, and IBC relayers should upgrade to cheqd-node v3.1.8. This upgrade does not require a software upgrade proposal on-chain and is meant to be non state-breaking.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-1395

Identificadores relacionados

GHSA-H2RP-8VPX-Q9R4

Produtos afetados

Github.Com/Cheqd/Cheqd-Node