In Bitcoin Knots v0.11.0.ljr20150711 through v0.13.0.knots20160814 (fixed in v0.13.1.knots20161027), the debug console stores sensitive information including private keys and the wallet passphrase in its persistent command history.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitcoin_knots_project | bitcoin_knots | 0.12.1.knots20160629 |
| bitcoin_knots_project | bitcoin_knots | 0.11.0 |
| bitcoin_knots_project | bitcoin_knots | 0.11.2 |
| bitcoin_knots_project | bitcoin_knots | 0.12.0 |
| bitcoin_knots_project | bitcoin_knots | 0.13.0.knots20160814 |
| bitcoin_knots_project | bitcoin_knots | 0.11.1 |
| bitcoin_knots_project | bitcoin_knots | 0.12.0.knots20160226 |