crates.io package
ckb
pkg:cargo/ckb
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-45698 | — | < 0.40.0 | 0.40.0 | Dec 26, 2021 | An issue was discovered in the ckb crate before 0.40.0 for Rust. A get_block_template RPC call may fail in situations where it is supposed to select a Nervos CKB blockchain transaction with a higher fee rate than another transaction. | ||
| CVE-2021-45699 | — | < 0.40.0 | 0.40.0 | Dec 26, 2021 | An issue was discovered in the ckb crate before 0.40.0 for Rust. Remote attackers may be able to conduct a 51% attack against the Nervos CKB blockchain by triggering an inability to allocate memory for the misbehavior HashMap. | ||
| CVE-2021-45700 | — | < 0.40.0 | 0.40.0 | Dec 26, 2021 | An issue was discovered in the ckb crate before 0.40.0 for Rust. Attackers can cause a denial of service (Nervos CKB blockchain node crash) via a dead call that is used as a DepGroup. |
- CVE-2021-45698Dec 26, 2021affected < 0.40.0fixed 0.40.0
An issue was discovered in the ckb crate before 0.40.0 for Rust. A get_block_template RPC call may fail in situations where it is supposed to select a Nervos CKB blockchain transaction with a higher fee rate than another transaction.
- CVE-2021-45699Dec 26, 2021affected < 0.40.0fixed 0.40.0
An issue was discovered in the ckb crate before 0.40.0 for Rust. Remote attackers may be able to conduct a 51% attack against the Nervos CKB blockchain by triggering an inability to allocate memory for the misbehavior HashMap.
- CVE-2021-45700Dec 26, 2021affected < 0.40.0fixed 0.40.0
An issue was discovered in the ckb crate before 0.40.0 for Rust. Attackers can cause a denial of service (Nervos CKB blockchain node crash) via a dead call that is used as a DepGroup.