22 matches found
CVE-2021-41591
ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure...
EUVD-2019-4574
Malware in sbrugna...
EUVD-2021-28605
Malicious code in bioql PyPI...
GHSA-3J4H-H3FP-VWWW LNbits improperly handles potential network and payment failures when using Eclair backend
Summary Paying invoices in Eclair that do not get settled within the internal timeout about 30s lead to a payment being considered failed, even though it may still be in flight. Details Using blocking: true on the API call will lead to a timeout error if a payment does not get settled in the 30s...
LNbits improperly handles potential network and payment failures when using Eclair backend
Summary Paying invoices in Eclair that do not get settled within the internal timeout about 30s lead to a payment being considered failed, even though it may still be in flight. Details Using blocking: true on the API call will lead to a timeout error if a payment does not get settled in the 30s...
CVE-2024-34694 LNbits improperly handles potential network and payment failures when using Eclair backend
LNbits is a Lightning wallet and accounts system. Paying invoices in Eclair that do not get settled within the internal timeout about 30s lead to a payment being considered failed, even though it may still be in flight. This vulnerability can lead to a total loss of funds for the node backend. Th...
CVE-2024-34694 LNbits improperly handles potential network and payment failures when using Eclair backend
LNbits is a Lightning wallet and accounts system. Paying invoices in Eclair that do not get settled within the internal timeout about 30s lead to a payment being considered failed, even though it may still be in flight. This vulnerability can lead to a total loss of funds for the node backend. Th...
CVE-2024-34694 LNbits improperly handles potential network and payment failures when using Eclair backend
LNbits is a Lightning wallet and accounts system. Paying invoices in Eclair that do not get settled within the internal timeout about 30s lead to a payment being considered failed, even though it may still be in flight. This vulnerability can lead to a total loss of funds for the node backend. Th...
CVE-2024-34694
LNbits vulnerable when using an Eclair backend: if a payment invoice fails to settle within the internal ~30s timeout, the system may treat it as failed even while the payment is in flight, potentially allowing total loss of funds at the node backend. This is documented across multiple sources (N...
LNbits Security Vulnerabilities
LNbits is a Python server open-sourced by LNbits. A security vulnerability exists in versions of LNbits prior to 0.12.6 that stems from the fact that if a payment invoice in Eclair is not cleared within an internal timeout period, it will be treated as a payment failure, even if the payment is...
CVE-2021-41591
ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure...
CVE-2021-41591
ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure...
Cross site request forgery (csrf)
ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure...
CVE-2021-41591
ACINQ Eclair before 0.6.3 is affected by a vulnerability related to dust HTLC exposure that can lead to loss of funds. Affected component: Eclair’s Lightning Network implementation (prior to version 0.6.3). Root cause: exposure of dust HTLC data allowing improper handling/funding loss (as describ...
CVE-2021-41591
ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure...
Acinq Eclair 安全漏洞
Acinq Eclair is a Scala implementation of Lightning Networks. A security vulnerability exists in ACINQ Eclair versions prior to 0.6.3. There is no information about this vulnerability at this time, so please stay tuned to CNNVD or vendor announcements...
Eclair has a logic flaw vulnerability
Eclair is a flash wallet for Android based systems.Eclair to 0.3 allows an attacker to trigger a loss of funds due to incorrect access control. An attacker could use the vulnerability to not pay or underpay the total amount of cash...
CVE-2019-13000
Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don't put too much money in it."...
CVE-2019-13000
Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don't put too much money in it."...
Design/Logic Flaw
Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don't put too much money in it."...