CVE-2024-41945

CVSS 3.1 Score 3.1 of 10 (low)

Details

Published Jul 30, 2024

Updated: Jul 31, 2024

CWE ID 20

Summary

CVE-2024-41945 is a vulnerability affecting the fuels-ts library, which is used for interacting with Fuel v2. The library's TypeScript SDK fails to recognize transactions funded with already used UTXOs, leading to unexpected behavior. Specifically, the `fund` function in `fuels-ts/packages/account/src/account.ts` retrieves required resources statelessly using `getResourcesToSpend`, disregarding previously utilized UTXOs. Consequently, transactions may not be included in the transaction pool or in blocks, or they may silently replace previous transactions in the pool.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xNsbdW
https://www.cve.org/CVERecord?id=CVE-2024-41945
https://nvd.nist.gov/vuln/detail/CVE-2024-41945

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Know What Matters

For Customers

For Partners

CVE-2024-41945

CVSS 3.1 Score 3.1 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations