Описание
LNbits is a Lightning wallet and accounts system. Paying invoices in Eclair that do not get settled within the internal timeout (about 30s) lead to a payment being considered failed, even though it may still be in flight. This vulnerability can lead to a total loss of funds for the node backend. This vulnerability is fixed in 0.12.6.
EPSS
Процентиль: 21%
0.00069
Низкий
8.1 High
CVSS3
Дефекты
CWE-754
Связанные уязвимости
CVSS3: 8.1
github
больше 1 года назад
LNbits improperly handles potential network and payment failures when using Eclair backend
EPSS
Процентиль: 21%
0.00069
Низкий
8.1 High
CVSS3
Дефекты
CWE-754