Description
Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don't put too much money in it."
Remediation
References
https://github.com/ACINQ/eclair/releases
https://github.com/ACINQ/eclair/commits/master
https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.html
Related Vulnerabilities
CVE-2019-10390 Vulnerability in maven package com.splunk.splunkins:splunk-devops
CVE-2019-14540 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2019-10776 Vulnerability in npm package git-diff-apply
CVE-2020-2249 Vulnerability in maven package org.jenkins-ci.plugins:tfs
CVE-2019-1003077 Vulnerability in maven package org.jenkins-ci.plugins:audit2db