ADVISORIES
GEM
SEVERITY
CVSS v3.x: 3.1 (Low)
UNAFFECTED VERSIONS
- < 0.10.0
PATCHED VERSIONS
- ~> 0.26.9
- >= 0.27.5
DESCRIPTION
"### Impact\n\nA race condition in the endorsement of resources (for instance, a proposal) allows a user to make more than once endorsement.\n\nTo exploit this vulnerability, the request to set an endorsement must be sent several times in parallel.\n \n### Workarounds\n\nDisable the Endorsement feature in the components. "