Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

cargo ckb Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS0yOWMyLTY1cmotaDM0M84AA5Cv
Nervos CKB Permit load cell data from memory
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS1oNGMzLTUyNzUtdnJtZ84AA5Cu
Nervos CKB Pool does not remove the conflicting transactions from the statistics
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
GSA_kwCzR0hTQS1xNzNmLXczaDctN3djY84AA5Cr
Nervos CKB Transaction which calls syscall load_cell_data_hash has nondeterministic result
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
High
GSA_kwCzR0hTQS0zZ2poLTI5ZnYtOGhyNs4AA5Cq
Nervos CKB Snappy decompress length can be very large and causes out of memory error
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
High
GSA_kwCzR0hTQS13anhjLXBqeDktNHd2bc4AA5Cp
Nervos CKB Panic on malformed input
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
High
GSA_kwCzR0hTQS1oanFxLTI5cHctOTZ3as4AA5Ck
Nervos CKB node panics when processing a block which parent timestamp is too new
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS1yOXJ2LTltaDgtcHhmNM4AA5Cj
Nervos CKB BlockTimeTooNew should not be considered as invalid block
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Low
GSA_kwCzR0hTQS1wcjM5LTgyNTctZnhjMs4AA5Ci
Nervos CKB DoS: Process exists when p2p discovery protocol receives unsupported peer IP
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
GSA_kwCzR0hTQS04NHgyLTJxdjYtcWc1Ns4AA5Ch
Nervos CKB P2P DoS Attacks
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS1xNjY5LTJ2ZmctY3hjZ84AA5CZ
Nervos CKB Unaligned Pointer Dereference
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Low
GSA_kwCzR0hTQS1wMmdtLWZmcjMtdzJ4d84AAxfS
Nervos CKB vulnerable to low-resource flood DDoS attacks through network message
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
GSA_kwCzR0hTQS1mamo0LTJxNzMtanZnY84AAxfR
Nervos CKB calculation of program load cycles may be missed when executing in resume mode
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1tY21yLTQ5eDMtNGpxbc4AAvq_
ckb type_id script resume may randomly fail
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS03Znc2LTZtZmotZzNxMs4AAvq-
ckb: Transaction header_deps validation issue (network forking)
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS05bWZjLWNod2YtN3doZs4AAvq9
ckb: Large dep group requires a lot of resources to process but the cost to commit the transaction is very low.
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1qMzVwLXEyNHItNTM2N80_ng
Dep Group Remote Memory Exhaustion (Denial of Service) in ckb
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS04Z2ptLWgzeGotbXA2d80fkQ
RPC call failure in ckb
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS1jdzk4LWN4Mm0tOXFxZ80fjw
Denial of Service in ckb
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS0yOTY5LThoaDktNTdqY80fkA
Allocation of Resources Without Limits or Throttling in ckb
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ4dnEtOGpxdi1nbTZm
Remote memory exhaustion in ckb
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2NjYtNnc5Ny1wY3dt
Miner fails to get block template when a cell used as a cell dep has been destroyed.
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ1cDctYzk1OS1yZ2Nt
Process crashes when the cell used as DepGroup is not alive
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Statistics
Advisories: 19,584
Packages: 8,642
Repositories: 1
Ecosystems: 12
Filter by Severity
Moderate 8,559 High 6,707 Critical 2,930 Low 1,073
Filter by Ecosystem
maven 5,662 packagist 4,372 pypi 4,006 npm 3,637 go 2,075 nuget 1,467 rubygems 827 cargo 824 swift 31 hex 30 actions 16 pub 8
Filter by Package
openssl-src 26 ckb 22 rusqlite 16 wasmtime 16 deno 13 surrealdb 9 openssl 8 hyper 7 libpulse-binding 7 sized-chunks 6 Simple-Wayland-HotKey-Daemon 6 cranelift-codegen 6 smallvec 6 xcb 5 messagepack-rs 5 tauri 5 bottlerocket/update-operator 5 lock_api 5 cargo 5 comrak 5 frontier 5 raw-cpuid 4 tokio 4 deno_runtime 4 evm 4 apollo-router 4 tremor-script 4 actix-web 4 pleaser 4 ammonia 3 arrow 3 nanorand 3 slice-deque 3 fltk 3 solana_rbpf 3 id-map 3 h2 3 arr 3 grin 3 ntpd 3 apache-avro 3 s2n-quic 3 crossbeam 3 gitoxide 3 ursa 3 gix 3 anoncreds-clsignatures 3 matrix-sdk-crypto 3 flatbuffers 3 quiche 3 routinator 3 tough 3 crossbeam-channel 3 cgc 3 acc_reader 3 vodozemac 2 v9 2 simple-slab 2 internment 2 ticketed_lock 2 phonenumber 2 signal-simple 2 tiny_future 2 pywasm3 2 zerocopy 2 mopa 2 flumedb 2 tar 2 http 2 inventory 2 binjs_io 2 bite 2 gfx-auxil 2 futures-util 2 lru 2 libp2p-core 2 tor-circmgr 2 ozone 2 crayon 2 arenavec 2 spin 2 traitobject 2 csv-sniffer 2 opcua 2 parc 2 derive-com-impl 2 abi_stable 2 memoffset 2 Deno 2 ordnung 2 vm-memory 2 reorder 2 rocket 2 libgit2-sys 2 multiqueue 2 metrics-util 2 wasm3 2 rsa 2 hyper-staticfile 2 gix-worktree-state 2 gix-worktree 2 gitoxide-core 2 gix-index 2 rdiff 2 bronzedb-protocol 2 buffoon 2 russh 2 rust-embed 2 rulex 2 failure 2 cache 2 streebog 2 bumpalo 2 arti 2 molecule 2 array-macro 2 abomonation 2 sodiumoxide 2 nano-id 2 oqs 2 syncpool 2 actix-http 2 crypto2 2 generator 2 libsecp256k1 2 slack-morphism 2 mio 2 slock 2 columnar 2 toodee 2 sha2 2 ash 2 tectonic_xdv 2 simple_asn1 2 async-h1 2 coreos-installer 2 rand_core 2 image 2 ncurses 2 futures-task 2 sequoia-openpgp 2 tower-http 2 gix-transport 2 pnet 2 vec-const 2 evm-core 2 stack_dst 2 net2 2 svix 2 lettre 2 trust-dns-server 2 nix 2 electron 1 SkiaSharp 1 github.com/chai2010/webp 1 snow 1 libdav1d-sys 1 libwebp-sys 1 Pillow 1 serde_yaml 1 safe-transmute 1 libwebp-sys2 1 actix-utils 1 string-interner 1 diesel 1 bam 1 iced-x86 1 totp-rs 1 blurhash 1 trillium-client 1 wasmi 1 pancurses 1 beef 1 cassandra-cpp 1 whoami 1 async-coap 1 transpose 1 bigint 1 rgb 1 aliyundrive-webdav 1 serde_v8 1 magick.net-q8-x64 1 magick.net-q8-openmp-x64 1 protobuf 1 magick.net-q8-anycpu 1 magick.net-q16-x64 1 scratchpad 1 magick.net-q16-hdri-anycpu 1 magick.net-q16-anycpu 1 lzf 1 simd-json 1 orion 1 cookie 1 lz4-sys 1 cyfs-base 1 linked_list_allocator 1 tungstenite 1 rustls-webpki 1 vmm-sys-util 1 stellar-strkey 1
Filter by Repository
https://github.com/nervosnetwork/ckb 22