Common Vulnerabilities and Exposures: Difference between revisions

From Bitcoin Wiki
Jump to navigation Jump to search
Luke-jr (talk | contribs)
Historical CVEs
Luke-jr (talk | contribs)
Fix liveness
Line 1: Line 1:
{| class="wikitable"
{| class="wikitable"
!style="width:14ex"| CVE
!style="width:14ex"| CVE
! Announced !! Affects !! Flaw !! Fixed in versions !! Links
! Announced !! Affects !! Flaw !! Fixed in versions !! Links !! Live
|-
|-
| CVE-2010-5137
| CVE-2010-5137
Line 9: Line 9:
| 0.3.5
| 0.3.5
| [[Incidents#LSHIFT and RETURN bugs|Incident]]
| [[Incidents#LSHIFT and RETURN bugs|Incident]]
|bgcolor=lime| 100%
|-
|-
| CVE-2010-5138
| CVE-2010-5138
Line 16: Line 17:
| 0.3.?
| 0.3.?
| [[Incidents#OP CHECKSIG abuse|Incident]]
| [[Incidents#OP CHECKSIG abuse|Incident]]
|bgcolor=lime| 100%
|-
|-
| CVE-2010-5139
| CVE-2010-5139
Line 23: Line 25:
| 0.3.11
| 0.3.11
| [[Incidents#Value overflow|Incident]] [https://bitcointalk.org/index.php?topic=822.0 Discovery]
| [[Incidents#Value overflow|Incident]] [https://bitcointalk.org/index.php?topic=822.0 Discovery]
|bgcolor=lime| 100%
|-
|-
| CVE-2010-5140
| CVE-2010-5140
Line 30: Line 33:
| 0.3.13
| 0.3.13
| [[Incidents#Micropayment contamination|Incident]] [http://www.bitcoin.org/smf/index.php?topic=1306.0 Initial reports]
| [[Incidents#Micropayment contamination|Incident]] [http://www.bitcoin.org/smf/index.php?topic=1306.0 Initial reports]
|bgcolor=lime| 100%
|-
|-
| CVE-2011-4447
| CVE-2011-4447
Line 37: Line 41:
| 0.4.1, 0.5.0
| 0.4.1, 0.5.0
| [https://bitcointalk.org/index.php?topic=51604.0 Announcement] [https://bitcointalk.org/index.php?topic=51474.0 Finding] [http://bitcoin.org/releases/2011/11/21/v0.5.0.html 0.5.0]
| [https://bitcointalk.org/index.php?topic=51604.0 Announcement] [https://bitcointalk.org/index.php?topic=51474.0 Finding] [http://bitcoin.org/releases/2011/11/21/v0.5.0.html 0.5.0]
|bgcolor=yellow| 88.5%
|-
|-
| CVE-2012-1909
| CVE-2012-1909
Line 44: Line 49:
| BIP 30, 0.4.4, 0.5.3
| BIP 30, 0.4.4, 0.5.3
| [https://bitcointalk.org/index.php?topic=67738.0 Announcement] [https://en.bitcoin.it/wiki/BIP_0030 Fix]
| [https://bitcointalk.org/index.php?topic=67738.0 Announcement] [https://en.bitcoin.it/wiki/BIP_0030 Fix]
|bgcolor=pink| 29.1%
|-
|-
| CVE-2012-1910
| CVE-2012-1910
Line 51: Line 57:
| 0.5.3.1, 0.5.4, 0.6.0rc4
| 0.5.3.1, 0.5.4, 0.6.0rc4
| [https://bitcointalk.org/index.php?topic=69120.0 Announcement]
| [https://bitcointalk.org/index.php?topic=69120.0 Announcement]
|bgcolor=pink| >25.6%
|-
|-
| CVE-2012-2459
| CVE-2012-2459
Line 58: Line 65:
| 0.4.6, 0.5.5, 0.6.0.7, and 0.6.2
| 0.4.6, 0.5.5, 0.6.0.7, and 0.6.2
| [https://bitcointalk.org/index.php?topic=81749.0 Announcement]
| [https://bitcointalk.org/index.php?topic=81749.0 Announcement]
|bgcolor=pink| 16.3%
|}
|}

Revision as of 20:17, 29 May 2012

CVE Announced Affects Flaw Fixed in versions Links Live
CVE-2010-5137 2010-07-28 wxBitcoin and bitcoind OP_LSHIFT crash 0.3.5 Incident 100%
CVE-2010-5138 2010-07-29 wxBitcoin and bitcoind Unlimited SigOp DoS 0.3.? Incident 100%
CVE-2010-5139 2010-08-15 wxBitcoin and bitcoind Combined output overflow 0.3.11 Incident Discovery 100%
CVE-2010-5140 2010-09-29 wxBitcoin and bitcoind Sending coins w/o sufficient fees 0.3.13 Incident Initial reports 100%
CVE-2011-4447 2011-11-11 wxBitcoin and bitcoind Wallet (non-)encryption 0.4.1, 0.5.0 Announcement Finding 0.5.0 88.5%
CVE-2012-1909 2012-03-07 Bitcoin protocol Transaction overwriting BIP 30, 0.4.4, 0.5.3 Announcement Fix 29.1%
CVE-2012-1910 2012-03-17 Bitcoin-Qt for Windows MingW non-multithreading 0.5.3.1, 0.5.4, 0.6.0rc4 Announcement >25.6%
CVE-2012-2459 2012-05-14 bitcoind and Bitcoin-Qt TBD 0.4.6, 0.5.5, 0.6.0.7, and 0.6.2 Announcement 16.3%