How severe is CVE-2023-30543?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.7 out of 10.

What type of vulnerability is CVE-2023-30543?

This is classified as CWE-362, which is a common weakness in software security.

CVE-2023-30543

MEDIUM Year: 2023

CVSS v3 Score

5.7

Medium

Weakness Type

CWE-362

View all →

Vulnerability Description

@web3-react is a framework for building Ethereum Apps . In affected versions the `chainId` may be outdated if the user changes chains as part of the connection flow. This means that the value of `chainId` returned by `useWeb3React()` may be incorrect. In an application, this means that any data derived from `chainId` could be incorrect. For example, if a swapping application derives a wrapped token contract address from the `chainId` *and* a user has changed chains as part of their connection flow the application could cause the user to send funds to the incorrect address when wrapping. This issue has been addressed in PR #749 and is available in updated npm artifacts. There are no known workarounds for this issue. Users are advised to upgrade.

CVE-2020-27825

MEDIUM

CVSS:5.7(Medium)

A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, ma...

CWE-3622020

CVE-2023-23039

MEDIUM

CVSS:5.7(Medium)

An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers/tty/vcc.c has a race condition and resultant use-after-free if a physically proximate attacker removes a VCC device while calling...

CWE-3622023

CVE-2024-2193

MEDIUM

CVSS:5.7(Medium)

A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can expl...

CWE-3622024

CVE-2015-7990

MEDIUM

CVSS:5.8(Medium)

Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly...

CWE-3622015

CVE-2017-14317

MEDIUM

CVSS:5.6(Medium)

A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. When shutting down a VM with a stubdomain, a race in cxenstored may cause a double-free. The xenst...

CWE-3622017

CVE-2017-15038

MEDIUM

CVSS:5.6(Medium)

Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to read...

CWE-3622017

CVE-2023-30543

Vulnerability Description

Related Vulnerabilities

CVE-2020-27825

CVE-2023-23039

CVE-2024-2193

CVE-2015-7990

CVE-2017-14317

CVE-2017-15038