exploitDog

CVE-2021-41591

Опубликовано: 04 окт. 2021

Источник: nvd

CVSS3: 9.4

CVSS2: 7.5

EPSS Низкий

Описание

ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure.

Ссылки

https://bitcoinmagazine.com/technical/good-griefing-a-lingering-vulnerability-on-lightning-network-that-still-needs-fixing
Press/Media Coverage
https://github.com/ACINQ/eclair/pull/1985
Patch
Third Party Advisory
https://lists.linuxfoundation.org/pipermail/lightning-dev/2020-May/002714.html
Mailing List
Vendor Advisory
https://lists.linuxfoundation.org/pipermail/lightning-dev/2021-October/003257.html
Exploit
Vendor Advisory
https://bitcoinmagazine.com/technical/good-griefing-a-lingering-vulnerability-on-lightning-network-that-still-needs-fixing
Press/Media Coverage
https://github.com/ACINQ/eclair/pull/1985
Patch
Third Party Advisory
https://lists.linuxfoundation.org/pipermail/lightning-dev/2020-May/002714.html
Mailing List
Vendor Advisory
https://lists.linuxfoundation.org/pipermail/lightning-dev/2021-October/003257.html
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:acinq:eclair:*:*:*:*:*:*:*:*

Версия до 0.6.3 (исключая)

EPSS

Процентиль: 69%

0.00591

Низкий

9.4 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-770

Связанные уязвимости

GHSA-r6qw-cx64-86rx

CVSS3: 9.4

github

больше 3 лет назад

ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure.

EPSS

Процентиль: 69%

0.00591

Низкий

9.4 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-770