github.com/lightningnetwork/lnd

Go4 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/lightningnetwork/lndpage 1 of 1

CVE-2019-12999HIGHCVSS 7.5EG 7.5✓ Fixed in 0.7.1-beta
2020-01-31
Lightning Network Daemon (lnd) before 0.7 allows attackers to trigger loss of funds because of Incorrect Access Control.
CVE-2022-39389HIGHCVSS 8.2EG 8.2✓ Fixed in 0.15.4-beta
2022-11-17
Lightning Network Daemon (lnd) is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version `v0.15.4` are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered.…
CVE-2022-44797CRITICALCVSS 9.8EG 9.8✓ Fixed in 0.15.2-beta
2022-11-07
btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking.
CVE-2024-38359MEDIUMCVSS 6.5EG 6.5✓ Fixed in 0.17.0-beta
2024-06-20
The Lightning Network Daemon (lnd) - is a complete implementation of a Lightning Network node. A parsing vulnerability in lnd's onion processing logic and lead to a DoS vector due to excessive memory allocation. The issue was patched in l…

Check whether github.com/lightningnetwork/lnd is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/lightningnetwork/lnd CVEs against the assets you own.

Start Free Scan →