CVE-2022-36447
Last modified
CVE-2022-36447 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. An inflation issue was discovered in Chia Network CAT1 Standard 1.0.0. Previously minted tokens minted on the Chia blockchain using the CAT1 standard can be inflated to an arbitrary extent by any holder of any amount of the token. EPSS estimates a 0.71% chance of exploitation in the next 30 days.
Description
An inflation issue was discovered in Chia Network CAT1 Standard 1.0.0. Previously minted tokens minted on the Chia blockchain using the CAT1 standard can be inflated to an arbitrary extent by any holder of any amount of the token. The total amount of the token can be increased as high as the malicious actor pleases. This is true for every CAT1 on the Chia blockchain regardless of issuance rules. This attack is auditable on chain, so maliciously altered coins can potentially be marked by off-chain observers as malicious.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Chia | Network Cat1 Standard | 1.0.0 |
References
- https://chia.netVendor Advisory
- https://chia.netVendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-36447?
How severe is CVE-2022-36447?
How do I fix CVE-2022-36447?
Are you affected by CVE-2022-36447?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST