CVE-2021-37491
- Source
- https://cve.org/CVERecord?id=CVE-2021-37491
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-37491.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-37491
- Published
- 2023-02-07T14:15:08.557Z
- Modified
- 2025-12-04T05:04:39.480763Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An issue discovered in src/wallet/wallet.cpp in Dogecoin Project Dogecoin Core 1.14.3 and earlier allows attackers to view sensitive information via CWallet::CreateTransaction() function.
- References
-
- http://dogecoin.com
- https://github.com/dogecoin/dogecoin/issues/2279
- https://github.com/bitcoin/bitcoin/commit/2fb9c1e6681370478e24a19172ed6d78d95d50d3
- https://github.com/VPRLab/BlkVulnReport/blob/main/NDSS23_BlockScope.pdf
- https://github.com/dogecoin/dogecoin/blob/master/src/wallet/wallet.cpp#L2628-L2640
Affected packages
Git / github.com/bitcoin/bitcoin
Affected ranges
- Type
- GIT
- Repo
- https://github.com/bitcoin/bitcoin
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
noversion
v0.*
v0.1.5
v0.1.6test1
v0.2.0
v0.2.10
v0.2.11
v0.2.12
v0.2.13
v0.2.2
v0.2.4
v0.2.5
v0.2.6
v0.2.7
v0.2.8
v0.2.9
v0.2rc2
v0.3.0
v0.3.1
v0.3.10
v0.3.11_notexact
v0.3.12
v0.3.13
v0.3.14
v0.3.15
v0.3.17
v0.3.18
v0.3.19
v0.3.1rc1
v0.3.2
v0.3.20
v0.3.20.01_closest
v0.3.20.2_closest
v0.3.21
v0.3.21rc
v0.3.22
v0.3.22rc1
v0.3.22rc2
v0.3.22rc3
v0.3.22rc4
v0.3.22rc5
v0.3.22rc6
v0.3.23
v0.3.23rc1
v0.3.24
v0.3.24rc1
v0.3.24rc2
v0.3.24rc3
v0.3.3
v0.3.6
v0.3.7
v0.3.8
v0.3rc1
v0.3rc2
v0.3rc4
v0.4.0
v0.4.00rc1
v0.4.00rc2
v0.5.0
v0.5.0rc1
v0.5.0rc2
v0.5.0rc3
v0.5.0rc4
v0.5.0rc5
v0.5.0rc6
v0.5.0rc7
v0.5.1
v0.5.1rc1
v0.5.1rc2
v0.6.0
v0.6.0rc1
v0.6.0rc2
v0.6.0rc3
v0.6.0rc4
v0.6.0rc5
v0.6.0rc6
v0.6.1
v0.6.1rc1
v0.6.1rc2
v0.7.0
v0.7.0rc1
v0.7.0rc2
v0.7.0rc3
v0.7.1
v0.7.1rc1
v0.8.0
v0.8.0rc1
v0.8.2
v0.8.2rc1
v0.8.2rc2
v0.8.2rc3
v0.9.0rc1
v0.9.0rc2
Database specific
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-37491.json"
vanir_signatures
[
{
"source": "https://github.com/bitcoin/bitcoin/commit/2fb9c1e6681370478e24a19172ed6d78d95d50d3",
"id": "CVE-2021-37491-0f3a7e1a",
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "src/wallet/wallet.cpp",
"function": "CWallet::CreateTransaction"
},
"deprecated": false,
"digest": {
"function_hash": "125034056860792545625548519770753620605",
"length": 7546.0
}
},
{
"source": "https://github.com/bitcoin/bitcoin/commit/2fb9c1e6681370478e24a19172ed6d78d95d50d3",
"id": "CVE-2021-37491-f226be0a",
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/wallet/wallet.cpp"
},
"deprecated": false,
"digest": {
"line_hashes": [
"141631597866571102610787215571298713801",
"300707198102548310351294567447427856382",
"110451034427564391564403774319217135396",
"276563020904277374992500244891139996786",
"134756459875976208293807961269881539302",
"119473122598452690608336811633631401181",
"37292230002629892326042622733773995730",
"252025109684205364906881023382772671098",
"307799523843447443646215985410161298010",
"129035121446230583032833067825788434028",
"306250321903663266830678623787727355765",
"85811109450452845716941420752385075013",
"226775650996502459306341144658670477386",
"57671861969212960607280541742419665002",
"309140562236205783584443692790075113088"
],
"threshold": 0.9
}
}
]