CVE-2020-26240: Incorrect Calculation

November 25, 2020 (updated December 3, 2020)

Go Ethereum, or “Geth”, is the official Golang implementation of the Ethereum protocol. An ethash mining DAG generation flaw in Geth could cause miners to erroneously calculate PoW in an upcoming epoch.

References

blog.ethereum.org/2020/11/12/geth_security_release/
nvd.nist.gov/vuln/detail/CVE-2020-26240

Detect and mitigate CVE-2020-26240 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →