Vulnerabilities > Hyperledger
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-25 | CVE-2024-45244 | Unspecified vulnerability in Hyperledger Fabric Hyperledger Fabric through 2.5.9 does not verify that a request has a timestamp within the expected time window. | 5.3 |
2024-01-16 | CVE-2022-31021 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Hyperledger Ursa Ursa is a cryptographic library for use with blockchains. | 5.3 |
2024-01-16 | CVE-2024-21670 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hyperledger Ursa 0.1.0 Ursa is a cryptographic library for use with blockchains. | 8.1 |
2024-01-16 | CVE-2024-22192 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hyperledger Ursa 0.1.0 Ursa is a cryptographic library for use with blockchains. | 6.5 |
2024-01-11 | CVE-2024-21669 | Improper Verification of Cryptographic Signature vulnerability in Hyperledger Aries Cloud Agent Hyperledger Aries Cloud Agent Python (ACA-Py) is a foundation for building decentralized identity applications and services running in non-mobile environments. | 8.8 |
2023-11-14 | CVE-2023-46132 | Race Condition vulnerability in Hyperledger Fabric Hyperledger Fabric is an open source permissioned distributed ledger framework. | 6.5 |
2022-11-12 | CVE-2022-45196 | Always-Incorrect Control Flow Implementation vulnerability in Hyperledger Fabric 2.3 Hyperledger Fabric 2.3 allows attackers to cause a denial of service (orderer crash) by repeatedly sending a crafted channel tx with the same Channel name. | 7.5 |
2022-08-18 | CVE-2022-36023 | Improper Input Validation vulnerability in Hyperledger Fabric Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. | 5.3 |
2022-07-07 | CVE-2022-31121 | Improper Input Validation vulnerability in Hyperledger Fabric Hyperledger Fabric is a permissioned distributed ledger framework. | 5.0 |
2018-06-01 | CVE-2018-3756 | Improper Verification of Cryptographic Signature vulnerability in Hyperledger Iroha 1.0/1.0.0 Hyperledger Iroha versions v1.0_beta and v1.0.0_beta-1 are vulnerable to transaction and block signature verification bypass in the transaction and block validator allowing a single node to sign a transaction and/or block multiple times, each with a random nonce, and have other validating nodes accept them as separate valid signatures. | 5.0 |