Source: dogecoin X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security
Hi, The following vulnerabilities were published for dogecoin. CVE-2021-37491[0]: | An issue discovered in src/wallet/wallet.cpp in Dogecoin Project | Dogecoin Core 1.14.3 and earlier allows attackers to view sensitive | information via CWallet::CreateTransaction() function. https://github.com/dogecoin/dogecoin/issues/2279 CVE-2023-30769[1]: | Vulnerability discovered is related to the peer-to-peer (p2p) | communications, attackers can craft consensus messages, send it to | individual nodes and take them offline. An attacker can crawl the | network peers using getaddr message and attack the unpatched nodes. https://www.halborn.com/blog/post/halborn-discovers-zero-day-impacting-dogecoin-and-280-networks If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-37491 https://www.cve.org/CVERecord?id=CVE-2021-37491 [1] https://security-tracker.debian.org/tracker/CVE-2023-30769 https://www.cve.org/CVERecord?id=CVE-2023-30769 Please adjust the affected versions in the BTS as needed.
