CVE-2020-12439: Grin allows attackers to adversely affect availability of data on a Mimblewimble blockchain

May 24, 2022 (updated February 1, 2024)

Grin before 3.1.0 allows attackers to adversely affect availability of data on a Mimblewimble blockchain.

References

github.com/advisories/GHSA-6x52-88cq-55q5
github.com/mimblewimble/grin-security/blob/master/CVEs/CVE-2020-12439.md
github.com/mimblewimble/grin/issues/3235
github.com/mimblewimble/grin/pull/3236
nvd.nist.gov/vuln/detail/CVE-2020-12439

Code Behaviors & Features

Detect and mitigate CVE-2020-12439 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →