Vulnerabilities > Parity

DATE CVE VULNERABILITY TITLE RISK
2020-12-31 CVE-2019-25003 Unspecified vulnerability in Parity Libsecp256K1
An issue was discovered in the libsecp256k1 crate before 0.3.1 for Rust.
network
low complexity
parity
7.5
2020-01-23 CVE-2019-20399 Information Exposure Through Discrepancy vulnerability in Parity Libsecp256K1
A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack.
network
high complexity
parity CWE-203
5.9
2018-01-19 CVE-2017-14460 Unspecified vulnerability in Parity Ethereum Client 1.7.8
An exploitable overly permissive cross-domain (CORS) whitelist vulnerability exists in JSON-RPC of Parity Ethereum client version 1.7.8.
network
high complexity
parity
7.5
2018-01-11 CVE-2017-18016 Origin Validation Error vulnerability in Parity Browser 1.6.10
Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by requesting other websites via the Parity web proxy engine (reusing the current website's token, which is not bound to an origin).
network
low complexity
parity CWE-346
5.3