Grin before 3.1.0 allows attackers to adversely affect availability of data on a Mimblewimble blockchain.
CVSS Score
5.3
EPSS Score
0.003
Published
2020-05-05
Grin through 2.1.1 has Insufficient Validation.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-01-21
util/src/zip.rs in Grin before 1.0.2 mishandles suspicious files. An attacker can execute arbitrary code via directory traversal in a ZIP archive.
CVSS Score
9.8
EPSS Score
0.006
Published
2019-02-26