GHSA-8986-v76q-8vr2: @keep-network/tbtc-v2 revealing P2PKH deposit with a wrapped P2SH script
Overview
References
- bugs.immunefi.com/magnus/672/projects/502/bug-bounty/reports/55982
- github.com/advisories/GHSA-8986-v76q-8vr2
- github.com/keep-network/bitcoin-spv/blob/856849612ef49114af18c0f407eaa74afc2ee4be/solidity/contracts/BTCUtils.sol
- github.com/threshold-network/tbtc-v2
- github.com/threshold-network/tbtc-v2/security/advisories/GHSA-8986-v76q-8vr2
Code Behaviors & Features
Detect and mitigate GHSA-8986-v76q-8vr2 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →