An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS05bWZjLWNod2YtN3doZs4AAvq9
ckb: Large dep group requires a lot of resources to process but the cost to commit the transaction is very low.
When a transaction contains a dep group with many cells, the resources required to process it are not linear to the transaction size nor spent script cycles.
In 0.43.3, nodes drop the transactions relayed to them when they contain a dep group with more than 64 cells. They do not ban peers who send them such transactions.
In 0.100, the consensus disallow transactions using a dep group with more than 64 cells. Peers relaying such transaction must be banned. Blocks committing such transactions must be rejected.Permalink: https://github.com/advisories/GHSA-9mfc-chwf-7whf
Source: GitHub Advisory Database
Published: 11 months ago
Updated: 9 months ago
Fixed in: 0.43.3