SCA: security update for @ensdomains/ens-contracts (GHSA-rrxv-q8m4-wch3)

medium Tenable Self-Hosted Container Security Plugin ID 418919

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ethereum
blockchain. According to the documentation, controllers are allowed to register new domains and extend the
expiry of existing domains, but they cannot change the ownership or reduce the expiration time of existing
domains. However, a preliminary analysis suggests that an attacker-controlled controller may be able to
reduce the expiration time of existing domains due to an integer overflow in the renew function. The
vulnerability resides `@ensdomains/ens-contracts` prior to version 0.0.22. If successfully exploited, this
vulnerability would enable attackers to force the expiration of any ENS record, ultimately allowing them
to claim the affected domains for themselves. Currently, it would require a malicious DAO to exploit it.
Nevertheless, any vulnerability present in the controllers could potentially render this issue exploitable
in the future. An additional concern is the possibility of renewal discounts. Should ENS decide to
implement a system that offers unlimited .eth domains for a fixed fee in the future, the vulnerability
could become exploitable by any user due to the reduced attack cost. Version 0.0.22 contains a patch for
this issue. As long as registration cost remains linear or superlinear based on registration duration, or
limited to a reasonable maximum (eg, 1 million years), this vulnerability could only be exploited by a
malicious DAO. The interim workaround is thus to take no action. (CVE-2023-38698)

See Also

https://github.com/advisories/GHSA-rrxv-q8m4-wch3

Plugin Details

Severity: Medium

ID: 418919

Version: Revision 1.6

Type: Local

Family: SCA Checks

Published: 1/23/2025

Updated: 7/2/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 3

Percentile: 23.51

Vendor

Vendor Severity: Medium

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:C/A:N

CVSS Score Source: CVE-2023-38698

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.9

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/1/2023

Vulnerability Publication Date: 8/1/2023

Reference Information

CVE: CVE-2023-38698

cwe: CWE-190