Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

cargo ckb Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS0yOWMyLTY1cmotaDM0M84AA5Cv
Nervos CKB Permit load cell data from memory
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS1oNGMzLTUyNzUtdnJtZ84AA5Cu
Nervos CKB Pool does not remove the conflicting transactions from the statistics
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
GSA_kwCzR0hTQS1xNzNmLXczaDctN3djY84AA5Cr
Nervos CKB Transaction which calls syscall load_cell_data_hash has nondeterministic result
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
High
GSA_kwCzR0hTQS0zZ2poLTI5ZnYtOGhyNs4AA5Cq
Nervos CKB Snappy decompress length can be very large and causes out of memory error
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
High
GSA_kwCzR0hTQS13anhjLXBqeDktNHd2bc4AA5Cp
Nervos CKB Panic on malformed input
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
High
GSA_kwCzR0hTQS1oanFxLTI5cHctOTZ3as4AA5Ck
Nervos CKB node panics when processing a block which parent timestamp is too new
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS1yOXJ2LTltaDgtcHhmNM4AA5Cj
Nervos CKB BlockTimeTooNew should not be considered as invalid block
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
GSA_kwCzR0hTQS1wcjM5LTgyNTctZnhjMs4AA5Ci
Nervos CKB DoS: Process exists when p2p discovery protocol receives unsupported peer IP
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
GSA_kwCzR0hTQS04NHgyLTJxdjYtcWc1Ns4AA5Ch
Nervos CKB P2P DoS Attacks
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS1xNjY5LTJ2ZmctY3hjZ84AA5CZ
Nervos CKB Unaligned Pointer Dereference
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
GSA_kwCzR0hTQS1wMmdtLWZmcjMtdzJ4d84AAxfS
Nervos CKB vulnerable to low-resource flood DDoS attacks through network message
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
GSA_kwCzR0hTQS1mamo0LTJxNzMtanZnY84AAxfR
Nervos CKB calculation of program load cycles may be missed when executing in resume mode
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1tY21yLTQ5eDMtNGpxbc4AAvq_
ckb type_id script resume may randomly fail
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS03Znc2LTZtZmotZzNxMs4AAvq-
ckb: Transaction header_deps validation issue (network forking)
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS05bWZjLWNod2YtN3doZs4AAvq9
ckb: Large dep group requires a lot of resources to process but the cost to commit the transaction is very low.
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1qMzVwLXEyNHItNTM2N80_ng
Dep Group Remote Memory Exhaustion (Denial of Service) in ckb
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS04Z2ptLWgzeGotbXA2d80fkQ
RPC call failure in ckb
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS1jdzk4LWN4Mm0tOXFxZ80fjw
Denial of Service in ckb
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS0yOTY5LThoaDktNTdqY80fkA
Allocation of Resources Without Limits or Throttling in ckb
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ4dnEtOGpxdi1nbTZm
Remote memory exhaustion in ckb
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2NjYtNnc5Ny1wY3dt
Miner fails to get block template when a cell used as a cell dep has been destroyed.
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ1cDctYzk1OS1yZ2Nt
Process crashes when the cell used as DepGroup is not alive
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Statistics
Advisories: 19,336
Packages: 8,539
Repositories: 1
Ecosystems: 12
Filter by Package
openssl-src 26 ckb 22 wasmtime 16 rusqlite 16 deno 13 surrealdb 8 libpulse-binding 7 openssl 7 hyper 7 Simple-Wayland-HotKey-Daemon 6 sized-chunks 6 cranelift-codegen 6 smallvec 6 tauri 5 comrak 5 bottlerocket/update-operator 5 lock_api 5 cargo 5 frontier 5 xcb 5 messagepack-rs 5 raw-cpuid 4 tokio 4 apollo-router 4 actix-web 4 evm 4 pleaser 4 deno_runtime 4 tremor-script 4 nanorand 3 cgc 3 slice-deque 3 fltk 3 h2 3 arr 3 solana_rbpf 3 apache-avro 3 id-map 3 s2n-quic 3 ammonia 3 routinator 3 gix 3 flatbuffers 3 tough 3 arrow 3 crossbeam 3 gitoxide 3 acc_reader 3 crossbeam-channel 3 grin 3 quiche 3 ursa 3 anoncreds-clsignatures 3 pywasm3 2 wasm3 2 tar 2 libp2p-core 2 hyper-staticfile 2 inventory 2 metrics-util 2 gix-worktree-state 2 gix-fs 2 gix-worktree 2 gitoxide-core 2 gix-index 2 simple-slab 2 lru 2 mopa 2 futures-util 2 flumedb 2 gfx-auxil 2 tiny_future 2 signal-simple 2 http 2 bite 2 v9 2 internment 2 abi_stable 2 memoffset 2 ordnung 2 reorder 2 rocket 2 libgit2-sys 2 multiqueue 2 vm-memory 2 Deno 2 crayon 2 cache 2 russh 2 zerocopy 2 matrix-sdk-crypto 2 evm-core 2 slack-morphism 2 slock 2 image 2 ncurses 2 toodee 2 binjs_io 2 bronzedb-protocol 2 buffoon 2 ticketed_lock 2 rulex 2 rsa 2 rdiff 2 rust-embed 2 failure 2 streebog 2 bumpalo 2 arti 2 tor-circmgr 2 ozone 2 traitobject 2 csv-sniffer 2 opcua 2 arenavec 2 parc 2 derive-com-impl 2 svix 2 nix 2 molecule 2 async-h1 2 ntpd 2 abomonation 2 sodiumoxide 2 syncpool 2 gix-transport 2 actix-http 2 futures-task 2 crypto2 2 array-macro 2 generator 2 libsecp256k1 2 sha2 2 columnar 2 nano-id 2 oqs 2 ash 2 mio 2 vec-const 2 pnet 2 trust-dns-server 2 stack_dst 2 simple_asn1 2 lettre 2 tower-http 2 spin 2 coreos-installer 2 tectonic_xdv 2 rand_core 2 net2 2 branca 1 ink_env 1 ink 1 tungstenite 1 ark-r1cs-std 1 webpki 1 rkyv 1 multiqueue2 1 borsh 1 cyfs-base 1 yamux 1 static-web-server 1 neon 1 golang.org/x/crypto 1 bigint 1 perseus-actix-web 1 async-coap 1 glsl-layout 1 paramiko 1 magick.net-q16-anycpu 1 webp 1 Pillow 1 magick.net-q16-hdri-anycpu 1 github.com/chai2010/webp 1 SkiaSharp 1 magick.net-q16-x64 1 magick.net-q8-anycpu 1 electron 1 libwebp-sys 1 libwebp-sys2 1 magick.net-q8-openmp-x64 1 actix-utils 1 magick.net-q8-x64 1 arc-swap 1 diesel 1 serde_v8 1 bam 1 iced-x86 1 blurhash 1 multihash 1 aes-gcm 1 @tauri-apps/cli 1 ed25519-dalek 1 odoh-rs 1 serde-json-wasm 1 linked_list_allocator 1 lz4-sys 1 cookie 1 orion 1 simd-json 1