9 matches found
CVE-2021-45698
An issue was discovered in the ckb crate before 0.40.0 for Rust. A getblocktemplate RPC call may fail in situations where it is supposed to select a Nervos CKB blockchain transaction with a higher fee rate than another transaction...
PT-2024-27891 · WordPress · Tagdiv Composer
Name of the Vulnerable Software and Affected Versions: tagDiv Composer plugin for WordPress versions up to, and including, 4.8 Description: The issue allows authenticated attackers with contributor-level and above permissions to include and execute arbitrary files on the server via the 'td block...
CVE-2021-45698
An issue was discovered in the ckb crate before 0.40.0 for Rust. A getblocktemplate RPC call may fail in situations where it is supposed to select a Nervos CKB blockchain transaction with a higher fee rate than another transaction...
Rust 安全漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. a security vulnerability exists in versions of Rust prior to ckb crate 0.40.0, which stems from a failed getblocktemplate RPC call. No details of the vulnerability are currently available...
Miner fails to get block template when a cell used as a cell dep has been destroyed.
Impact The RPC getblocktemplate fails when a cell has been used as a cell dep and an input in the different transactions. Say cell C is used as a dep group in the transaction A, and is destroyed in the transaction B. The node adds transaction A first, then B into the transaction pool. They are bo...
GHSA-V666-6W97-PCWM Miner fails to get block template when a cell used as a cell dep has been destroyed.
Impact The RPC getblocktemplate fails when a cell has been used as a cell dep and an input in the different transactions. Say cell C is used as a dep group in the transaction A, and is destroyed in the transaction B. The node adds transaction A first, then B into the transaction pool. They are bo...
RUSTSEC-2021-0107 Miner fails to get block template when a cell used as a cell dep has been destroyed.
Impact The RPC getblocktemplate fails when a cell has been used as a cell dep and an input in the different transactions. Say cell C is used as a dep group in the transaction A, and is destroyed in the transaction B. The node adds transaction A first, then B into the transaction pool. They are bo...
Miner fails to get block template when a cell used as a cell dep has been destroyed.
Impact The RPC getblocktemplate fails when a cell has been used as a cell dep and an input in the different transactions. Say cell C is used as a dep group in the transaction A, and is destroyed in the transaction B. The node adds transaction A first, then B into the transaction pool. They are bo...
XSS in client rendered block templates
Overview Affected versions of rendr are vulnerable to cross-site scripting when client side rendering is done inside a block. Server side rendering is not affected and is properly escaped. Recommendation Update to version 1.1.4 or later. References - PR 61 - PR 513 - GitHub Advisory...