4 matches found
CVE-2025-5981
OSV-SCALIBR is affected by a path traversal vulnerability in its unpack() function used for container images, exploitable when the CLI flag --remote-image is used on untrusted images. The issue allows arbitrary file write on the host as the OSV-SCALIBR user. Several sources (GitHub commit referen...
CVE-2024-38359
The Lightning Network Daemon (lnd) is a complete implementation of a Lightning Network node. A parsing vulnerability in lnd's onion processing logic could lead to a DoS vector due to excessive memory allocation. The issue was patched in lnd v0.17.0. Users should update to a version v0.17.0 to be...
CVE-2024-38359 Lightning Network Daemon Onion Bomb
The Lightning Network Daemon (lnd) is a complete implementation of a Lightning Network node. A parsing vulnerability in lnd's onion processing logic could lead to a DoS vector due to excessive memory allocation. The issue was patched in lnd v0.17.0. Users should update to a version v0.17.0 to be...
CVE-2024-38359
The CVE-2024-38359 vulnerability affects the Lightning Network Daemon (lnd) in its onion processing logic, causing a Denial-of-Service due to excessive memory allocation. It has been patched in lnd v0.17.0; upgrading to a version greater than 0.17.0 mitigates the issue. As a partial mitigation, u...