GCVE - cpe:2.3:a:acinq:eclair:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:acinq:eclair:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Acinq (`96025f0c-56d5-59ec-8fd6-8f9ded1892b7`)
Product	Eclair (`1c6e6f41-2e18-5c8f-ba52-920e9921c93d`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/acinq/eclair`	purl2cpe	2026-06-01 10:14:03.551110

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-41591`	vulnerable	2026-06-03 14:45:25.994240	Details available ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure. Published: 2021-10-04T16:47:56.000Z Updated: 2024-08-04T03:15:29.283Z Open on db.gcve.eu Reference links https://lists.linuxfoundation.org/pipermail/lightning-dev/2020-May/002714.html https://bitcoinmagazine.com/technical/good-griefing-a-lingering-vulnerability-on-lightning-network-that-still-needs-fixing https://lists.linuxfoundation.org/pipermail/lightning-dev/2021-October/003257.html https://github.com/ACINQ/eclair/pull/1985	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-13000`	vulnerable	2026-06-03 14:39:36.385260	Details available Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don't put too much money in it." Published: 2020-01-31T19:40:03.000Z Updated: 2024-08-04T23:41:10.084Z Open on db.gcve.eu Reference links https://github.com/ACINQ/eclair/commits/master https://github.com/ACINQ/eclair/releases https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.