Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1oanFxLTI5cHctOTZ3as4AA5Ck

Nervos CKB node panics when processing a block which parent timestamp is too new

Impact

Adversary can initiate DOS attack by broadcasting two consecutive blocks with timestamps in the future.

Patches

Please upgrade to v0.34.1

Permalink: https://github.com/advisories/GHSA-hjqq-29pw-96wj
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1oanFxLTI5cHctOTZ3as4AA5Ck
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: 28 days ago
Updated: 28 days ago


Identifiers: GHSA-hjqq-29pw-96wj
References:

Affected Packages

cargo:ckb
Versions: >= 0.34.0, < 0.34.1, >= 0.33.0, < 0.33.2
Fixed in: 0.34.1, 0.33.2