Home > Vulnerability Database > CVE-2023-50428

Mend.io Vulnerability Database

CVE-2023-50428

Date: December 9, 2023

In Bitcoin Core through 26.0 and Bitcoin Knots before 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code (e.g., with OP_FALSE OP_IF), as exploited in the wild by Inscriptions in 2022 and 2023. NOTE: although this is a vulnerability from the perspective of the Bitcoin Knots project, some others consider it "not a bug."

Language: C++

Severity Score

5.3

Related Resources (8)

Url: https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-50428

Url: https://github.com/bitcoin/bitcoin/pull/28408#issuecomment-1844981799

Url: https://github.com/bitcoin/bitcoin/tags

Url: https://twitter.com/LukeDashjr/status/1732204937466032285

Url: https://github.com/bitcoinknots/bitcoin/blob/aed49ce8989334c364a219a6eb016a3897d4e3d7/doc/release-notes.md

Url: https://github.com/bitcoin/bitcoin/blob/65c05db660b2ca1d0076b0d8573a6760b3228068/src/kernel/mempool_options.h#L46-L53

Url: https://www.mend.io/vulnerability-database/CVE-2023-50428

Severity Score

5.3

Weakness Type (CWE)

Insufficient Information

NVD-CWE-noinfo

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2023-50428

Date: December 9, 2023

Language: C++

Severity Score

Related Resources (8)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?