bitcoin-ruby is vulnerable to denial of service (DoS) attacks. There is a flaw in the Merkle hash implementation that Bitcoin uses to calculate the Merkle root in a block header. Block hash collisions can easily be made by duplicating transactions in the Merkle tree. A record collision would prevent the acceptance of a legitimate block with the same hash. This could be used to isolate a victim’s node and cause the creation of blockchain forks.
CPE | Name | Operator | Version |
---|---|---|---|
bitcoin-ruby | eq | 0.0.1 |