Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

NVD
NVDadded 2023/10/04 7:15 p.m.14 views

CVE-2023-38701

Hydra is the layer-two scalability solution for Cardano. Users of the Hydra head protocol send the UTxOs they wish to commit into the Hydra head first to the commit validator, where they remain until they are either collected into the head validator or the protocol initialisation is aborted and t...

9.1CVSS9.3AI score0.00084EPSS
Exploits1References4
Prion
Prionadded 2023/10/04 7:15 p.m.21 views

Design/Logic Flaw

Hydra is the layer-two scalability solution for Cardano. Users of the Hydra head protocol send the UTxOs they wish to commit into the Hydra head first to the commit validator, where they remain until they are either collected into the head validator or the protocol initialisation is aborted and t...

6.4CVSS9.1AI score0.00084EPSS
Exploits1References4Affected Software1
CVE
CVEadded 2023/10/04 6:48 p.m.46 views

CVE-2023-38701

CVE-2023-38701 (Hydra) affects Hydra’s head protocol on Cardano. Before v0.12.0, the commit validator and the initial validator contain a flawed check when the ViaAbort redeemer is used, allowing any user to arbitrarily spend UTxOs at the validator. This enables an attacker to steal funds users c...

9.1CVSS9.3AI score0.00084EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichmentadded 2023/10/04 6:48 p.m.14 views

CVE-2023-38701 Hydra's committed UTxOs at Commit validator and UTxOs at Initial validator can be spent arbitrarily by anyone

Hydra is the layer-two scalability solution for Cardano. Users of the Hydra head protocol send the UTxOs they wish to commit into the Hydra head first to the commit validator, where they remain until they are either collected into the head validator or the protocol initialisation is aborted and t...

9.1CVSS7.1AI score0.00084EPSS
Exploits1References4
Cvelist
Cvelistadded 2023/10/04 6:48 p.m.18 views

CVE-2023-38701 Hydra's committed UTxOs at Commit validator and UTxOs at Initial validator can be spent arbitrarily by anyone

Hydra is the layer-two scalability solution for Cardano. Users of the Hydra head protocol send the UTxOs they wish to commit into the Hydra head first to the commit validator, where they remain until they are either collected into the head validator or the protocol initialisation is aborted and t...

9.1CVSS9.4AI score0.00084EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2023/10/04 12:0 a.m.3 views

PT-2023-26566 · Hydra · Hydra

Name of the Vulnerable Software and Affected Versions: Hydra versions prior to 0.12.0 Description: Hydra is a layer-two scalability solution for Cardano. The issue arises when the ViaAbort redeemer is used in the commit validator, allowing any user to spend any UTxO arbitrarily, which means an...

9.1CVSS9AI score0.00084EPSS
Exploits1References8
Rows per page
Query Builder