CVE-2018-20586

bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary data into the debug log via an RPC call.
Configurations

Configuration 1

cpe:2.3:a:bitcoin:bitcoin_core:0.12.0:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.12.0:rc2:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.12.0:rc3:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.12.0:rc4:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.12.0:rc5:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.12.1:-:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.12.1:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.12.1:rc2:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.13:*:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.13.0:-:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.13.0:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.13.0:rc2:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.13.0:rc3:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.13.1:-:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.13.1:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.13.1:rc2:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.13.1:rc3:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.13.2:-:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.13.2:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.14.0:-:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.14.0:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.14.0:rc2:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.14.0:rc3:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.14.1:-:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.14.1:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.14.1:rc2:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.14.2:-:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.14.2:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.14.2:rc2:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.14.3:*:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.15.0:-:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.15.0:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.15.0:rc2:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.15.0:rc3:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.15.0.1:*:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.15.1:-:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.15.1:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.15.2:*:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.16.0:-:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.16.0:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.16.0:rc2:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.16.0:rc3:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.16.0:rc4:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.16.1:-:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.16.1:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.16.1:rc2:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.16.2:-:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.16.2:rc1:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.16.2:rc2:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.16.3:*:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:0.17.0:-:*:*:*:*:*:*

Information

Published : 2020-03-12 09:15

Updated : 2020-03-20 07:09


NVD link : CVE-2018-20586

Mitre link : CVE-2018-20586

Products Affected
No products.
CWE
CWE-116

Improper Encoding or Escaping of Output