AVG-1486 - bitcoin-daemon - Arch Linux
AVG-1486 log
| Package | bitcoin-daemon |
| Status | Vulnerable |
| Severity | Medium |
| Type | multiple issues |
| Affected | 0.21.1-2 |
| Fixed | Unknown |
| Current | 0.21.1-2 [community] |
| Ticket | Create |
| Created | Thu Jan 21 09:24:07 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-31876 | Medium | Yes | Insufficient validation | Bitcoin Core 0.12.0 through 0.21.1 does not properly implement the replacement policy specified in BIP125, which makes it easier for attackers to trigger a... |
| CVE-2021-3195 | Medium | Yes | Directory traversal | bitcoind in Bitcoin Core through 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call.... |