GHSA-wjxc-pjx9-4wvm

Source
https://github.com/advisories/GHSA-wjxc-pjx9-4wvm
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-wjxc-pjx9-4wvm/GHSA-wjxc-pjx9-4wvm.json
Published
2024-02-03T00:18:06Z
Modified
2024-02-03T00:18:06Z
Details

Impact

CKB process will panic when received malformed p2p message because of snappy, which is used to compress network messages

References

https://github.com/BurntSushi/rust-snappy/issues/29

References

Affected packages

crates.io / ckb

Package

Name
ckb

Affected ranges

Type
SEMVER
Events
Introduced
0The exact introduced commit is unknown
Fixed
0.34.2

Database specific

{
    "last_known_affected_version_range": "<= 0.34.1"
}