Vulnerabilities > Hyperledger

DATE CVE VULNERABILITY TITLE RISK
2024-08-25 CVE-2024-45244 Unspecified vulnerability in Hyperledger Fabric
Hyperledger Fabric through 2.5.9 does not verify that a request has a timestamp within the expected time window.
network
low complexity
hyperledger
5.3
2024-01-16 CVE-2022-31021 Inclusion of Functionality from Untrusted Control Sphere vulnerability in Hyperledger Ursa
Ursa is a cryptographic library for use with blockchains.
network
low complexity
hyperledger CWE-829
5.3
2024-01-16 CVE-2024-21670 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hyperledger Ursa 0.1.0
Ursa is a cryptographic library for use with blockchains.
network
high complexity
hyperledger CWE-327
8.1
2024-01-16 CVE-2024-22192 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hyperledger Ursa 0.1.0
Ursa is a cryptographic library for use with blockchains.
network
low complexity
hyperledger CWE-327
6.5
2024-01-11 CVE-2024-21669 Improper Verification of Cryptographic Signature vulnerability in Hyperledger Aries Cloud Agent
Hyperledger Aries Cloud Agent Python (ACA-Py) is a foundation for building decentralized identity applications and services running in non-mobile environments.
network
low complexity
hyperledger CWE-347
8.8
2023-11-14 CVE-2023-46132 Race Condition vulnerability in Hyperledger Fabric
Hyperledger Fabric is an open source permissioned distributed ledger framework.
network
low complexity
hyperledger CWE-362
6.5
2022-11-12 CVE-2022-45196 Always-Incorrect Control Flow Implementation vulnerability in Hyperledger Fabric 2.3
Hyperledger Fabric 2.3 allows attackers to cause a denial of service (orderer crash) by repeatedly sending a crafted channel tx with the same Channel name.
network
low complexity
hyperledger CWE-670
7.5
2022-08-18 CVE-2022-36023 Improper Input Validation vulnerability in Hyperledger Fabric
Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications.
network
low complexity
hyperledger CWE-20
5.3
2022-07-07 CVE-2022-31121 Improper Input Validation vulnerability in Hyperledger Fabric
Hyperledger Fabric is a permissioned distributed ledger framework.
network
low complexity
hyperledger CWE-20
5.0
2018-06-01 CVE-2018-3756 Improper Verification of Cryptographic Signature vulnerability in Hyperledger Iroha 1.0/1.0.0
Hyperledger Iroha versions v1.0_beta and v1.0.0_beta-1 are vulnerable to transaction and block signature verification bypass in the transaction and block validator allowing a single node to sign a transaction and/or block multiple times, each with a random nonce, and have other validating nodes accept them as separate valid signatures.
network
low complexity
hyperledger CWE-347
5.0