Jump to:

CVE-2021-3195

Jump to:

CVE-2021-3195

Package bitcoin updated to version 0.21.1-alt1 for branch sisyphus in task 270988.

Published: 2021-01-26
Modified: 2024-11-21

CVE-2021-3195

bitcoind in Bitcoin Core through 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call. NOTE: this reportedly does not violate the security model of Bitcoin Core, but can violate the security model of a fork that has implemented dumpwallet restrictions

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

https://github.com/bitcoin/bitcoin/issues/20866
https://github.com/bitcoin/bitcoin/issues/20866

Version: 2.1.0

Package bitcoin update in sisyphus on 2021-04-30

ALT-PU-2021-1754-1

Closed vulnerabilities

CVE-2021-3195