Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
cargo ckb Security Advisories
Browse all Security Advisories for cargo ckb
Loading...
Moderate
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS0yOWMyLTY1cmotaDM0M84AA5Cv
Nervos CKB Permit load cell data from memoryEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Moderate
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1oNGMzLTUyNzUtdnJtZ84AA5Cu
Nervos CKB Pool does not remove the conflicting transactions from the statisticsEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1xNzNmLXczaDctN3djY84AA5Cr
Nervos CKB Transaction which calls syscall load_cell_data_hash has nondeterministic resultEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
High
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS0zZ2poLTI5ZnYtOGhyNs4AA5Cq
Nervos CKB Snappy decompress length can be very large and causes out of memory errorEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
High
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS13anhjLXBqeDktNHd2bc4AA5Cp
Nervos CKB Panic on malformed inputEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
High
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1oanFxLTI5cHctOTZ3as4AA5Ck
Nervos CKB node panics when processing a block which parent timestamp is too newEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Moderate
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1yOXJ2LTltaDgtcHhmNM4AA5Cj
Nervos CKB BlockTimeTooNew should not be considered as invalid blockEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Low
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1wcjM5LTgyNTctZnhjMs4AA5Ci
Nervos CKB DoS: Process exists when p2p discovery protocol receives unsupported peer IPEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS04NHgyLTJxdjYtcWc1Ns4AA5Ch
Nervos CKB P2P DoS AttacksEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Moderate
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1xNjY5LTJ2ZmctY3hjZ84AA5CZ
Nervos CKB Unaligned Pointer DereferenceEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Low
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wMmdtLWZmcjMtdzJ4d84AAxfS
Nervos CKB vulnerable to low-resource flood DDoS attacks through network messageEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1mamo0LTJxNzMtanZnY84AAxfR
Nervos CKB calculation of program load cycles may be missed when executing in resume modeEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1tY21yLTQ5eDMtNGpxbc4AAvq_
ckb type_id script resume may randomly failEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS03Znc2LTZtZmotZzNxMs4AAvq-
ckb: Transaction header_deps validation issue (network forking)Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS05bWZjLWNod2YtN3doZs4AAvq9
ckb: Large dep group requires a lot of resources to process but the cost to commit the transaction is very low.Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1qMzVwLXEyNHItNTM2N80_ng
Dep Group Remote Memory Exhaustion (Denial of Service) in ckbEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
GSA_kwCzR0hTQS04Z2ptLWgzeGotbXA2d80fkQ
RPC call failure in ckbEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
GSA_kwCzR0hTQS1jdzk4LWN4Mm0tOXFxZ80fjw
Denial of Service in ckbEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
GSA_kwCzR0hTQS0yOTY5LThoaDktNTdqY80fkA
Allocation of Resources Without Limits or Throttling in ckbEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ4dnEtOGpxdi1nbTZm
Remote memory exhaustion in ckbEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2NjYtNnc5Ny1wY3dt
Miner fails to get block template when a cell used as a cell dep has been destroyed.Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
Critical
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ1cDctYzk1OS1yZ2Nt
Process crashes when the cell used as DepGroup is not aliveEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
Statistics
Advisories: 20,668
Packages: 9,040
Repositories: 1
Ecosystems: 12
Packages: 9,040
Repositories: 1
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
openssl-src
26
ckb
22
wasmtime
19
rusqlite
16
deno
13
surrealdb
12
openssl
8
libpulse-binding
7
hyper
7
cranelift-codegen
6
cargo
6
Simple-Wayland-HotKey-Daemon
6
sized-chunks
6
smallvec
6
apollo-router
6
lock_api
5
comrak
5
tauri
5
xcb
5
bottlerocket/update-operator
5
messagepack-rs
5
tokio
4
wasmtime
4
pleaser
4
actix-web
4
evm
4
raw-cpuid
4
deno_runtime
4
tremor-script
4
surrealdb-core
4
gitoxide
4
ntpd
3
quiche
3
apache-avro
3
tough
3
pywasm3
3
s2n-tls
3
wasm3
3
id-map
3
ursa
3
s2n-quic
3
anoncreds-clsignatures
3
cgc
3
fltk
3
h2
3
gix-path
3
crossbeam-channel
3
acc_reader
3
russh
3
solana_rbpf
3
flatbuffers
3
gix
3
crossbeam
3
gitoxide-core
3
routinator
3
grin
3
slice-deque
3
arrow
3
nanorand
3
matrix-sdk-crypto
3
ammonia
3
pallet-ethereum
3
arr
3
sha2
2
arti
2
image
2
tor-circmgr
2
async-h1
2
evm-core
2
phonenumber
2
slack-morphism
2
gix-transport
2
rand_core
2
mio
2
bumpalo
2
hyper-staticfile
2
Deno
2
metrics-util
2
libp2p-core
2
futures-util
2
gfx-auxil
2
bite
2
binjs_io
2
rocket
2
reorder
2
flumedb
2
ordnung
2
mopa
2
memoffset
2
abi_stable
2
derive-com-impl
2
ticketed_lock
2
parc
2
arenavec
2
failure
2
streebog
2
libsecp256k1
2
generator
2
actix-http
2
cache
2
rdiff
2
syncpool
2
sodiumoxide
2
molecule
2
rust-embed
2
nix
2
sequoia-openpgp
2
net2
2
tower-http
2
diesel
2
crayon
2
lettre
2
stack_dst
2
trust-dns-server
2
pnet
2
vec-const
2
pyo3
2
multiqueue
2
columnar
2
cosmwasm-vm
2
github.com/CosmWasm/wasmvm
2
http
2
rsa
2
spin
2
zerocopy
2
rulex
2
async-graphql
2
buffoon
2
bronzedb-protocol
2
simple-slab
2
vm-memory
2
vodozemac
2
tiny_future
2
signal-simple
2
v9
2
internment
2
gix-index
2
tar
2
inventory
2
oqs
2
nano-id
2
gix-worktree
2
array-macro
2
gix-worktree-state
2
pallet-evm-precompile-modexp
2
biscuit-auth
2
cocoon
2
libgit2-sys
2
svix
2
futures-task
2
slock
2
toodee
2
quinn-proto
2
opcua
2
coreos-installer
2
ncurses
2
crypto2
2
tectonic_xdv
2
simple_asn1
2
traitobject
2
abomonation
2
lru
2
ash
2
ozone
2
csv-sniffer
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-arm64
1
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-x64
1
miniscript
1
bzip2
1
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-x86
1
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-x64
1
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-arm64
1
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm64
1
out-reference
1
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm
1
webbrowser
1
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64
1
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm.Msi.x64
1
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm
1
sqlite-vec
1
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86.Msi.x64
1
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86
1
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64.Msi.x64
1
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64
1
zerovec-derive
1
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64.Msi.x64
1
sqlite-vec
1
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64
1
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm.Msi.x64
1
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm
1
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-x64
1
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-arm64
1
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvos-arm64
1
sqlite-vec
1
sqlite-vec
1
xmp_toolkit
1
Microsoft.NETCore.App.Runtime.browser-wasm
1
gix-attributes
1
object_store
1
compu-brotli-sys
1
Filter by Repository