CVE-2018-17968

Name of the Vulnerable Software and Affected Versions RuletkaIo (affected versions not specified)

Description The issue concerns a predictable random value generation in a smart contract implementation for an Ethereum gambling game. Specifically, the random() function uses a block timestamp and block hash from the Ethereum blockchain, making it predictable. An external contract can exploit this by replicating the random() function to determine the deadSeat value.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.