mimblewimble/grin

mimblewimble/grin

Releases75

Frequency1 month 1 week

Last Release 3 months ago

Stars5.09K

Minimal implementation of the Mimblewimble protocol.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-15899 ↗	Jul 28, 2020Tuesday, 28 July 2020, 18:15	7.5 HIGH	5 MEDIUM
Grin 3.0.0 before 4.0.0 has insufficient validation of data related to Mimblewimble.
CVE-2020-12439 ↗	May 5, 2020Tuesday, 5 May 2020, 22:15	5.3 MEDIUM	5 MEDIUM
Grin before 3.1.0 allows attackers to adversely affect availability of data on a Mimblewimble blockchain.
CVE-2020-6638 ↗	Jan 21, 2020Tuesday, 21 January 2020, 20:15	7.5 HIGH	5 MEDIUM
Grin through 2.1.1 has Insufficient Validation.
CVE-2019-9195 ↗	Feb 26, 2019Tuesday, 26 February 2019, 19:29	9.8 CRITICAL	7.5 HIGH
util/src/zip.rs in Grin before 1.0.2 mishandles suspicious files. An attacker can execute arbitrary code via directory traversal in a ZIP archive.