Unrated severityNVD Advisory· Published Dec 4, 2019· Updated Aug 5, 2024

CVE-2019-16752

Description

An issue was discovered in Decentralized Anonymous Payment System (DAPS) through 2019-08-26. It is possible to force wallets to send HTTP requests to arbitrary locations, both on the local network and on the internet. This is a serious threat to user privacy, since it can possibly leak their IP address and the fact that they are using the product. This also affects Dash Core through 0.14.0.3 and Private Instant Verified Transactions (PIVX) through 3.4.0.

Affected products

DAPS/Decentralized Anonymous Payment Systemdescription
DAPS/Decentralized Anonymous Payment System (DAPS)llm-create
Range: <= 2019-08-26
PIVX/PIVXllm-fuzzy
Range: <= 3.4.0
Alloy Rs/Corellm-fuzzy
Range: <= 0.14.0.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

officialdapscoin.com/wp-content/uploads/2019/09/DAPS-Coin-Final-Security-Audit-Red4Sec-2019.pdfmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000