CVE-2022-44797

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-44797
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-44797.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-44797
Aliases
Downstream
Published
2022-11-07T04:15:09.650Z
Modified
2025-12-07T04:05:35.125238Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking.

References

Affected packages

Git / github.com/btcsuite/btcd

Affected ranges

Type
GIT
Repo
https://github.com/btcsuite/btcd
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
6b5418d5850f5b9977c9b13725d79c5c81d0c1db

Affected versions

Other

BTCD_0_10_0_BETA
BTCD_0_11_0_BETA
BTCD_0_11_1_BETA
BTCD_0_12_0_BETA
BTCD_0_3_0_ALPHA
BTCD_0_3_1_ALPHA
BTCD_0_3_2_ALPHA
BTCD_0_3_3_ALPHA
BTCD_0_4_0_ALPHA
BTCD_0_5_0_ALPHA
BTCD_0_6_0_ALPHA
BTCD_0_7_0_ALPHA
BTCD_0_8_0_BETA
BTCD_0_9_0_BETA

btcec/v2.*

btcec/v2.0.0
btcec/v2.1.0
btcec/v2.1.1
btcec/v2.1.2
btcec/v2.1.3
btcec/v2.2.0
btcec/v2.2.1

btcutil/psbt/v1.*

btcutil/psbt/v1.0.0
btcutil/psbt/v1.1.0
btcutil/psbt/v1.1.1
btcutil/psbt/v1.1.2
btcutil/psbt/v1.1.3
btcutil/psbt/v1.1.4
btcutil/psbt/v1.1.5

btcutil/v1.*

btcutil/v1.0.0
btcutil/v1.1.0
btcutil/v1.1.1
btcutil/v1.1.2

chaincfg/chainhash/v1.*

chaincfg/chainhash/v1.0.0
chaincfg/chainhash/v1.0.1

v0.*

v0.20.0-beta
v0.20.1-beta
v0.21.0-beta
v0.22.0-beta
v0.23.0
v0.23.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-44797.json"

Git / github.com/lightningnetwork/lnd

Affected ranges

Type
GIT
Repo
https://github.com/lightningnetwork/lnd
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
aff2ed3a6a118d664049835c325a5b69e977172f

Affected versions

0.*

0.4-beta

cert/v1.*

cert/v1.0.0
cert/v1.0.1
cert/v1.0.2
cert/v1.0.3
cert/v1.1.0
cert/v1.1.1

clock/v1.*

clock/v1.0.0
clock/v1.0.1
clock/v1.1.0

healthcheck/v1.*

healthcheck/v1.0.0
healthcheck/v1.0.1
healthcheck/v1.0.2
healthcheck/v1.1.0
healthcheck/v1.2.0
healthcheck/v1.2.1
healthcheck/v1.2.2

kvdb/v1.*

kvdb/v1.0.0
kvdb/v1.0.1
kvdb/v1.0.2
kvdb/v1.0.3
kvdb/v1.1.0
kvdb/v1.2.0
kvdb/v1.2.1
kvdb/v1.2.3
kvdb/v1.2.4
kvdb/v1.2.5
kvdb/v1.3.0
kvdb/v1.3.1

queue/v1.*

queue/v1.0.1
queue/v1.0.2
queue/v1.0.3
queue/v1.0.4
queue/v1.1.0

ticker/v1.*

ticker/v1.1.0

tlv/v1.*

tlv/v1.0.1
tlv/v1.0.2
tlv/v1.0.3

tor/v1.*

tor/v1.0.0
tor/v1.0.1

Other

upstream

v0.*

v0.1-alpha
v0.1.1-alpha
v0.10.0-beta
v0.10.0-beta.rc1
v0.10.0-beta.rc2
v0.10.0-beta.rc3
v0.10.0-beta.rc4
v0.10.0-beta.rc5
v0.10.0-beta.rc6
v0.11
v0.11.0-beta
v0.11.0-beta.rc1
v0.11.0-beta.rc2
v0.11.0-beta.rc3
v0.11.0-beta.rc4
v0.12.0-beta
v0.12.0-beta.rc1
v0.12.0-beta.rc2
v0.12.0-beta.rc3
v0.12.0-beta.rc3-testbuild7
v0.12.0-beta.rc4
v0.12.0-beta.rc5
v0.12.0-beta.rc6
v0.13.0-beta
v0.13.0-beta.rc1
v0.13.0-beta.rc2
v0.13.0-beta.rc3
v0.13.0-beta.rc4
v0.13.0-beta.rc5
v0.14.0-beta
v0.14.0-beta.rc1
v0.14.0-beta.rc2
v0.14.0-beta.rc3
v0.14.0-beta.rc4
v0.14.1-beta
v0.15.0-beta
v0.15.0-beta.rc1
v0.15.0-beta.rc2
v0.15.0-beta.rc3
v0.15.0-beta.rc4
v0.15.0-beta.rc5
v0.15.0-beta.rc6
v0.15.1-beta
v0.15.1-beta.rc1
v0.15.1-beta.rc2
v0.2-alpha
v0.2.1-alpha
v0.3-alpha
v0.4-beta
v0.4.1-beta
v0.4.2-beta
v0.5-beta
v0.5-beta-rc1
v0.5-beta-rc2
v0.5.1-beta
v0.5.1-beta-rc1
v0.5.1-beta-rc2
v0.5.1-beta-rc3
v0.5.1-beta-rc4
v0.6-beta
v0.6-beta-rc1
v0.6-beta-rc2
v0.6-beta-rc3
v0.6-beta-rc4
v0.6.0-beta
v0.6.1-beta
v0.6.1-beta-rc1
v0.6.1-beta-rc2
v0.7.0-beta
v0.7.0-beta-rc1
v0.7.0-beta-rc2
v0.7.0-beta-rc3
v0.7.1-beta
v0.7.1-beta-rc1
v0.7.1-beta-rc2
v0.8.0-beta
v0.8.0-beta-rc1
v0.8.0-beta-rc2
v0.8.0-beta-rc3
v0.9.0-beta
v0.9.0-beta-rc1
v0.9.0-beta-rc2
v0.9.0-beta-rc3
v0.9.0-beta-rc4

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-44797.json"