{"uuid": "ab67d9be-ad21-427f-a90f-83e377fe137d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26264", "type": "seen", "source": "https://t.me/cibsecurity/20456", "content": "\u203c CVE-2020-26264 \u203c\n\nGo Ethereum, or \"Geth\", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.25 a denial-of-service vulnerability can make a LES server crash via malicious GetProofsV2 request from a connected LES client. This vulnerability only concerns users explicitly enabling les server; disabling les prevents the exploit. The vulnerability was patched in version 1.9.25.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-11T22:25:17.000000Z"}