Back to search
CVE-2021-3401
Published: Feb 4, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
Bitcoin Core before 0.19.0 might allow remote attackers to execute arbitrary code when another application unsafely passes the -platformpluginpath argument to the bitcoin-qt program, as demonstrated by an x-scheme-handler/bitcoin handler for a .desktop file or a web browser. NOTE: the discoverer states "I believe that this vulnerability cannot actually be exploited."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://achow101.com/2021/02/0.18-uri-vuln
x_refsource_MISC
https://github.com/bitcoin/bitcoin/pull/16578
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now