The endCoinFlip function and throwSlammer function of the smart contract implementations for Cryptogs, an Ethereum game, generate random numbers with an old block's hash. Therefore, attackers can predict the random number and always win the game.
References
Configurations
History
21 Nov 2024, 03:49
Type | Values Removed | Values Added |
---|---|---|
References | () https://medium.com/%40jonghyk.song/attack-on-pseudo-random-number-generator-prng-used-in-cryptogs-an-ethereum-cve-2018-14715-f63a51ac2eb9 - |
07 Nov 2023, 02:53
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2018-08-03 18:29
Updated : 2024-11-21 03:49
NVD link : CVE-2018-14715
Mitre link : CVE-2018-14715
CVE.ORG link : CVE-2018-14715
JSON object : View
Products Affected
cryptogs
- cryptogs
CWE
CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)