CVE-2020-15899: Grin insufficient data validation

May 24, 2022 (updated February 1, 2024)

Grin 3.0.0 before 4.0.0 has insufficient validation of data related to Mimblewimble.

References

github.com/advisories/GHSA-p75g-gcv5-42qg
github.com/mimblewimble/grin-security/blob/master/CVEs/CVE-2020-15899.md
github.com/mimblewimble/grin/compare/v3.1.1...v4.0.0
nvd.nist.gov/vuln/detail/CVE-2020-15899

Code Behaviors & Features

Detect and mitigate CVE-2020-15899 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →