Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
LNbits improperly handles potential network and payment failures when using Eclair backend
Vulnerability Description
LNbits is a Lightning wallet and accounts system. Paying invoices in Eclair that do not get settled within the internal timeout (about 30s) lead to a payment being considered failed, even though it may still be in flight. This vulnerability can lead to a total loss of funds for the node backend. This vulnerability is fixed in 0.12.6.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Vulnerability Type
对因果或异常条件的不恰当检查
Vulnerability Title
LNbits 安全漏洞
Vulnerability Description
LNbits是LNbits开源的一个 Python 服务器。 LNbits 0.12.6之前版本存在安全漏洞,该漏洞源于如果 Eclair 中的付款发票未能在内部超时时间内结清,则将被视为付款失败,即使付款仍在进行中,该问题可能导致节点后端资金全部损失。
CVSS Information
N/A
Vulnerability Type
N/A