bitcoinknots/bitcoin on GitHub
Bitcoin Knots enhanced Bitcoin node/wallet software
CVE History
| CVE | Published | CVSS v2 | CVSS v3 |
|---|---|---|---|
| CVE-2023-50428 | 5.3 MEDIUM | N/A | |
| In Bitcoin Core through 26.0 and Bitcoin Knots before 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code (e.g., with OP_FALSE OP_IF), as exploited in the wild by Inscriptions in 2022 and 2023. NOTE: although this is a vulnerability from the perspective of the Bitcoin Knots project, some others consider it "not a bug." | |||
| CVE-2018-17144 | 7.5 HIGH | 5 MEDIUM | |
| Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash. | |||
| CVE-2016-8889 | 6.2 MEDIUM | 2.1 LOW | |
| In Bitcoin Knots v0.11.0.ljr20150711 through v0.13.0.knots20160814 (fixed in v0.13.1.knots20161027), the debug console stores sensitive information including private keys and the wallet passphrase in its persistent command history. | |||