AVG-1486 log
| Package | bitcoin-daemon |
| Status | Vulnerable |
| Severity | Medium |
| Type | multiple issues |
| Affected | 22.0-1 |
| Fixed | Unknown |
| Current | 28.1-2 [extra] |
| Ticket | Create |
| Created | Thu Jan 21 09:24:07 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-31876 | Medium | Yes | Insufficient validation | Bitcoin Core does not properly implement the replacement policy specified in BIP125, which makes it easier for attackers to trigger a loss of funds, or a... |
| CVE-2021-3195 | Medium | Yes | Directory traversal | bitcoind in Bitcoin Core can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call. NOTE: this... |