Getmonero: >> Monero >> 0.12.2.0 Security Vulnerabilities
monero-wallet-gui in Monero GUI before 0.17.1.0 includes the . directory in an embedded RPATH (with a preference ahead of /usr/lib), which allows local users to gain privileges via a Trojan horse library in the current working directory.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-10-10
An exploitable code execution vulnerability exists in the Levin deserialization functionality of the Epee library, as used in Monero 'Lithium Luna' (v0.12.2.0-master-ffab6700) and other cryptocurrencies. A specially crafted network packet can cause a logic flaw, resulting in code execution. An attacker can send a packet to trigger this vulnerability.
CVSS Score
10.0
EPSS Score
0.009
Published
2018-09-26