CVE-2022-31006
- EPSS 0.84%
- Veröffentlicht 09.09.2022 19:15:08
- Zuletzt bearbeitet 21.11.2024 07:03:42
indy-node is the server portion of Hyperledger Indy, a distributed ledger purpose-built for decentralized identity. In vulnerable versions of indy-node, an attacker can max out the number of client connections allowed by the ledger, leaving the ledge...
CVE-2022-31020
- EPSS 1.24%
- Veröffentlicht 06.09.2022 17:15:08
- Zuletzt bearbeitet 21.11.2024 07:03:43
Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In versions 1.12.4 and prior, the `pool-upgrade` request handler in Indy-Node allows an improperly authenticated attacker to remotely execute code on no...
CVE-2020-11093
- EPSS 0.16%
- Veröffentlicht 24.12.2020 20:15:12
- Zuletzt bearbeitet 21.11.2024 04:56:46
Hyperledger Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In Hyperledger Indy before version 1.12.4, there is lack of signature verification on a specific transaction which enables an attacker to ma...
CVE-2020-11090
- EPSS 0.41%
- Veröffentlicht 11.06.2020 00:15:22
- Zuletzt bearbeitet 21.11.2024 04:56:46
In Indy Node 1.12.2, there is an Uncontrolled Resource Consumption vulnerability. Indy Node has a bug in TAA handling code. The current primary can be crashed with a malformed transaction from a client, which leads to a view change. Repeated rapid vi...