CVE-2016-8889

2016-10-2815:00:00

mitre

www.cve.org

AI Score

6.3

Confidence

High

EPSS

0.001

Percentile

41.4%

JSON

In Bitcoin Knots v0.11.0.ljr20150711 through v0.13.0.knots20160814 (fixed in v0.13.1.knots20161027), the debug console stores sensitive information including private keys and the wallet passphrase in its persistent command history.

References

www.securityfocus.com/bid/94235

bitcointalk.org/index.php?topic=1618462.0

github.com/bitcoinknots/bitcoin/blob/v0.13.1.knots20161027/doc/release-notes.md