How severe is CVE-2022-31111?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2022-31111?

This is classified as CWE-670, which is a common weakness in software security.

CVE-2022-31111

MEDIUM Year: 2022

CVSS v3 Score

5.3

Medium

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-670

View all →

Vulnerability Description

Frontier is Substrate's Ethereum compatibility layer. In affected versions the truncation done when converting between EVM balance type and Substrate balance type was incorrectly implemented. This leads to possible discrepancy between appeared EVM transfer value and actual Substrate value transferred. It is recommended that an emergency upgrade to be planned and EVM execution temporarily paused in the mean time. The issue is patched in Frontier master branch commit fed5e0a9577c10bea021721e8c2c5c378e16bf66 and polkadot-v0.9.22 branch commit e3e427fa2e5d1200a784679f8015d4774cedc934. This vulnerability affects only EVM internal states, but not Substrate balance states or node. You can temporarily pause EVM execution (by setting up a Substrate `CallFilter` that disables `pallet-evm` and `pallet-ethereum` calls before the patch can be applied.

CVE-2020-35477

MEDIUM

CVSS:5.3(Medium)

MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If one sets MediaWiki:Mainpage to Special:MyLanguage/Main Page, visits a log entry on Special:Log, and toggle...

CWE-6702020

CVE-2020-5753

MEDIUM

CVSS:5.3(Medium)

Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling...

CWE-6702020

CVE-2021-0273

MEDIUM

CVSS:5.3(Medium)

An always-incorrect control flow implementation in the implicit filter terms of Juniper Networks Junos OS and Junos OS Evolved on ACX5800, EX9200 Series, MX10000 Series, MX240, MX480, MX960 devices wi...

CWE-6702021

CVE-2021-43819

MEDIUM

CVSS:5.3(Medium)

Stargate-Bukkit is a mod for the minecraft video game which adds a portal focused environment. In affected versions Minecarts with chests will drop their items when teleporting through a portal; when ...

CWE-6702021

CVE-2021-43979

MEDIUM

CVSS:5.3(Medium)

Styra Open Policy Agent (OPA) Gatekeeper through 3.7.0 mishandles concurrency, sometimes resulting in incorrect access control. The data replication mechanism allows policies to access the Kubernetes ...

CWE-6702021

CVE-2021-45852

MEDIUM

CVSS:5.3(Medium)

An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via add_patient.php.

CWE-6702021

CVE-2022-31111

Vulnerability Description

Related Vulnerabilities

CVE-2020-35477

CVE-2020-5753

CVE-2021-0273

CVE-2021-43819

CVE-2021-43979

CVE-2021-45852