3 matches found
bcash-instadump (>=0.3.3 <=0.4.0), bcoin-stratum (=0.0.1) +3 more potentially affected by CVE-2018-17145 via bcoin (>=0.10.0 <=1.0.0-beta.14)
bcoin NPM version =0.10.0, =0.3.3, =0.1.0, =1.0.0, =2.1.1 - ihan =0.4.0 Source cves: CVE-2018-17145 Source advisory: OSV:GHSA-HX3R-JV9Q-85JW...
Bitcoin Inventory Out-of-Memory Denial-of-Service Attack (CVE-2018-17145)
There was an easily exploitable uncontrolled memory resource consumption denial-of-service vulnerability that existed in the peer-to-peer network code of three implementations of Bitcoin and several alternative chains. For more details please see: https://invdos.net/ For the paper:...
CVE-2018-17145
CVE-2018-17145 affects Bitcoin Core 0.16.x prior to 0.16.2 and Bitcoin Knots 0.16.x prior to 0.16.2. The root cause is mishandling of inventory (inv) messages, allowing an attacker to cause remote denial of service by flooding with multiple transaction inv messages using random hashes. Impact des...