Description
Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don't put too much money in it."
Remediation
References
https://github.com/ACINQ/eclair/commits/master
https://github.com/ACINQ/eclair/releases
https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.html
Related Vulnerabilities
CVE-2018-8037 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2021-46708 Vulnerability in maven package org.webjars.npm:swagger-ui-dist
CVE-2022-25854 Vulnerability in npm package @yaireo/tagify
CVE-2022-39368 Vulnerability in maven package org.eclipse.californium:element-connector
CVE-2021-25930 Vulnerability in maven package org.opennms:opennms-webapp