cvedb.io
CVE-2018-10299
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2018-04-23T04:29:00.207 · Last modified 2026-06-17T01:33:49.197

Summary

An integer overflow in the batchTransfer function of a smart contract implementation for Beauty Ecosystem Coin (BEC), the Ethereum ERC20 token used in the Beauty Chain economic system, allows attackers to accomplish an unauthorized increase of digital assets by providing two _receivers arguments in conjunction with a large _value argument, as exploited in the wild in April 2018, aka the "batchOverflow" issue.

Affected products

beauty — beauty_ecosystem_coin

Does this affect you?

Add your gear to cvedb and we'll alert you only when beauty ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.