CVE-2018-14715

The endCoinFlip function and throwSlammer function of the smart contract implementations for Cryptogs, an Ethereum game, generate random numbers with an old block's hash. Therefore, attackers can predict the random number and always win the game.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cryptogs:cryptogs:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:49

Type Values Removed Values Added
References () https://medium.com/%40jonghyk.song/attack-on-pseudo-random-number-generator-prng-used-in-cryptogs-an-ethereum-cve-2018-14715-f63a51ac2eb9 - () https://medium.com/%40jonghyk.song/attack-on-pseudo-random-number-generator-prng-used-in-cryptogs-an-ethereum-cve-2018-14715-f63a51ac2eb9 -

07 Nov 2023, 02:53

Type Values Removed Values Added
References
  • {'url': 'https://medium.com/@jonghyk.song/attack-on-pseudo-random-number-generator-prng-used-in-cryptogs-an-ethereum-cve-2018-14715-f63a51ac2eb9', 'name': 'https://medium.com/@jonghyk.song/attack-on-pseudo-random-number-generator-prng-used-in-cryptogs-an-ethereum-cve-2018-14715-f63a51ac2eb9', 'tags': ['Exploit', 'Third Party Advisory'], 'refsource': 'MISC'}
  • () https://medium.com/%40jonghyk.song/attack-on-pseudo-random-number-generator-prng-used-in-cryptogs-an-ethereum-cve-2018-14715-f63a51ac2eb9 -

Information

Published : 2018-08-03 18:29

Updated : 2024-11-21 03:49


NVD link : CVE-2018-14715

Mitre link : CVE-2018-14715

CVE.ORG link : CVE-2018-14715


JSON object : View

Products Affected

cryptogs

  • cryptogs
CWE
CWE-338

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)