Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-9g6t-dcaz-1kh3
SummaryBitcoin Core 0.12.0 through 0.21.1 does not properly implement the replacement policy specified in BIP125, which makes it easier for attackers to trigger a loss of funds, or a denial of service attack against downstream projects such as Lightning network nodes. An unconfirmed child transaction with nSequence = 0xff_ff_ff_ff, spending an unconfirmed parent with nSequence <= 0xff_ff_ff_fd, should be replaceable because there is inherited signaling by the child transaction. However, the actual PreChecks implementation does not enforce this. Instead, mempool rejects the replacement attempt of the unconfirmed child transaction.
Aliases
0
alias CVE-2021-31876
Fixed_packages
Affected_packages
0
url pkg:alpm/archlinux/bitcoin-daemon@22.0-1
purl pkg:alpm/archlinux/bitcoin-daemon@22.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-573d-byea-r7cg
1
vulnerability VCID-9g6t-dcaz-1kh3
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bitcoin-daemon@22.0-1
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-31876
reference_id
reference_type
scores
0
value 0.00487
scoring_system epss
scoring_elements 0.65457
published_at 2026-04-18T12:55:00Z
1
value 0.00487
scoring_system epss
scoring_elements 0.6533
published_at 2026-04-01T12:55:00Z
2
value 0.00487
scoring_system epss
scoring_elements 0.65378
published_at 2026-04-02T12:55:00Z
3
value 0.00487
scoring_system epss
scoring_elements 0.65405
published_at 2026-04-04T12:55:00Z
4
value 0.00487
scoring_system epss
scoring_elements 0.65368
published_at 2026-04-07T12:55:00Z
5
value 0.00487
scoring_system epss
scoring_elements 0.65421
published_at 2026-04-08T12:55:00Z
6
value 0.00487
scoring_system epss
scoring_elements 0.65432
published_at 2026-04-09T12:55:00Z
7
value 0.00487
scoring_system epss
scoring_elements 0.65451
published_at 2026-04-11T12:55:00Z
8
value 0.00487
scoring_system epss
scoring_elements 0.65437
published_at 2026-04-12T12:55:00Z
9
value 0.00487
scoring_system epss
scoring_elements 0.65409
published_at 2026-04-13T12:55:00Z
10
value 0.00487
scoring_system epss
scoring_elements 0.65446
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-31876
1
reference_url https://security.archlinux.org/AVG-1486
reference_id AVG-1486
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1486
Weaknesses
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-9g6t-dcaz-1kh3