How severe is CVE-2022-35913?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2022-35913?

This is classified as CWE-400, which is a common weakness in software security.

CVE-2022-35913 - MEDIUM Severity | CVSS 4.3

Vulnerability Description

Samourai Wallet Stonewallx2 0.99.98e allows a denial of service via a P2P coinjoin. The attacker and victim must follow each other's paynym. Then, the victim must try to collaborate with the attacker for a Stonewallx2 transaction. Next, the attacker broadcasts a tx, spending the inputs used in Stonewallx2 before the victim can broadcast the collaborative transaction. The attacker does not signal opt in RBF, and uses the lowest fee rate. This would result in the victim being unable to perform Stonewallx2. (Note that the attacker could use multiple paynyms.)

Related Vulnerabilities

CVE-2012-0049

MEDIUM

CVSS:4.3(Medium)

OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.

CWE-4002012

CVE-2016-7427

MEDIUM

CVSS:4.3(Medium)

The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via a crafted broadcast mode packe...

CWE-4002016

CVE-2016-7428

MEDIUM

CVSS:4.3(Medium)

ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast packet.

CWE-4002016

CVE-2018-15325

MEDIUM

CVSS:4.3(Medium)

In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, iControl and TMSH usage by authenticated users may leak a small amount of memory when executing commands

CWE-4002018

CVE-2019-13011

MEDIUM

CVSS:4.3(Medium)

An issue was discovered in GitLab Enterprise Edition 8.11.0 through 12.0.2. By using brute-force a user with access to a project, but not it's repository could create a list of merge requests template...

CWE-4002019

CVE-2020-13333

MEDIUM

CVSS:4.3(Medium)

A potential DOS vulnerability was discovered in GitLab versions 13.1, 13.2 and 13.3. The api to update an asset as a link from a release had a regex check which caused exponential number of backtracks...

CWE-4002020