Vulnerabilities (CVE)

Filtered by vendor Hashheroes Subscribe
Filtered by product Hashheroes
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-17987 1 Hashheroes 1 Hashheroes 2024-11-21 5.0 MEDIUM 7.5 HIGH
The determineWinner function of a smart contract implementation for HashHeroes Tiles, an Ethereum game, uses a certain blockhash value in an attempt to generate a random number for the case where NUM_TILES equals the number of people who purchased a tile, which allows an attacker to control the awarding of the prize by being the last person to purchase a tile.