Lucene search
K

223 matches found

CNNVD
CNNVD
added 2023/11/14 12:0 a.m.7 views

Hyperledger Fabric Security Vulnerabilities

Hyperledger Fabric is an enterprise licensed distributed ledger framework. It is used to develop solutions and applications. Hyperledger Fabri has a security vulnerability that stems from a flaw in the way hash processing is performed, which allows an attacker to craft a cross-linking block that...

7.1CVSS6.8AI score0.00519EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.4 views

PT-2023-29865 · Unknown · Hyperledger Fabric

Name of the Vulnerable Software and Affected Versions: Hyperledger Fabric versions prior to 2.2.14 and 2.5.5 Description: The issue arises from the way Hyperledger Fabric hashes transactions in a block, which allows an adversary to manipulate the transactions without changing the computed hash of...

7.1CVSS7.1AI score0.00519EPSS
Exploits1References14
Hacker One
Hacker One
added 2023/02/02 2:44 p.m.20 views

Hyperledger: [indy_node]POOL_UPGRADE command injection, Trustee Node can execute command in any other Node`s system.

Vulnerability description not provided...

7.1AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/08 9:20 a.m.50 views

Security Bulletin: IBM MQ Blockchain bridge dependencies are vulnerable to issues in SnakeYAML (CVE-2022-38749, CVE-2022-38750, CVE-2022-38751 & CVE-2022-38752)

Summary A denial of service issue was identified within SnakeYAML that is used by Fabric Gateway. Fabric Gateway is used by the IBM MQ blockchain bridge component of IBM MQ to provide connection capability between IBM MQ queue managers and Hyperledger Fabric. Vulnerability Details...

6.5CVSS6.6AI score0.02091EPSS
Exploits1Affected Software1
Veracode
Veracode
added 2022/11/14 8:26 a.m.27 views

Denial Of Service (DoS)

github.com/hyperledger/fabric is vulnerable to Denial Of Service DoS. A remote attacker is able to cause a system panic by repeatedly sending a crafted channel tx with the same channel name, resulting in denial of service conditions...

7.5CVSS7AI score0.00797EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2022/11/12 8:15 p.m.23 views

CVE-2022-45196

Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...

7.5CVSS0.00797EPSS
Exploits1References2
OSV
OSV
added 2022/11/12 8:15 p.m.14 views

PYSEC-2022-43055

Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...

7.5CVSS6.6AI score
Exploits0References2
Prion
Prion
added 2022/11/12 8:15 p.m.17 views

Design/Logic Flaw

Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...

5CVSS7.2AI score0.00797EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2022/11/12 8:15 p.m.7 views

PYSEC-2022-43055

Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...

7.5CVSS6.7AI score0.00797EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2022/11/12 12:0 a.m.20 views

CVE-2022-45196

Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...

7.5AI score0.00797EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/11/12 12:0 a.m.17 views

Hyperledger Fabric 资源管理错误漏洞

Hyperledger Fabric is an enterprise licensed distributed ledger framework. It is used to develop solutions and applications. A security vulnerability exists in Hyperledger Fabric version 2.3 that stems from the fact that it allows an attacker to cause a denial of service by repeatedly sending a...

7.5CVSS7.2AI score0.00797EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/11/12 12:0 a.m.3 views

CVE-2022-45196

Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...

7.2AI score0.00797EPSS
Exploits1References2
OSV
OSV
added 2022/11/12 12:0 a.m.18 views

CVE-2022-45196

Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...

7.5CVSS6.7AI score0.00797EPSS
Exploits1References4
CVE
CVE
added 2022/11/12 12:0 a.m.75 views

CVE-2022-45196

CVE-2022-45196 affects Hyperledger Fabric 2.3. A vulnerability in the orderer channel handling allows an attacker to cause a denial-of-service (orderer crash) by repeatedly sending a crafted channel transaction with the same channel name. The publicly documented description notes that exploitatio...

7.5CVSS7.2AI score0.00797EPSS
Exploits1References2Affected Software1
Hacker One
Hacker One
added 2022/11/05 10:20 p.m.58 views

Hyperledger: Dependency confusion in https://github.com/hyperledger/aries-mobile-agent-react-native

Vulnerability description not provided...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2022/10/18 8:23 a.m.50 views

Hyperledger: CVE-2017-5929: Hyperledger - Arbitrary Deserialization of Untrusted Data

Vulnerability Overview Serialization is a process of converting an object into a sequence of bytes which can be persisted to a disk or database or can be sent through streams. The reverse process of creating object from sequence of bytes is called deserialization. Serialization is commonly used f...

7.5CVSS1.5AI score0.07501EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2022/10/13 7:12 p.m.27 views

Remote denial of service in Hyperledger Fabric Gateway

Impact If a gateway client application sends a malformed request to a gateway peer it may crash the peer node. This fix checks for the malformed gateway request and returns an error to the gateway client. Patches Fixed in v2.4.6. Workarounds None, users must upgrade to v2.4.6. References...

7CVSS5.4AI score0.00912EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2022/10/13 7:12 p.m.16 views

GHSA-QJ6R-FHRC-JJ5R Remote denial of service in Hyperledger Fabric Gateway

Impact If a gateway client application sends a malformed request to a gateway peer it may crash the peer node. This fix checks for the malformed gateway request and returns an error to the gateway client. Patches Fixed in v2.4.6. Workarounds None, users must upgrade to v2.4.6. References...

7CVSS5.7AI score0.00912EPSS
Exploits0References7
Veracode
Veracode
added 2022/09/30 8:38 p.m.16 views

Denial Of Service (DOS)

Hyperledger Fabric is vulnerable to denial of service. The vulnerability is due to non validated requests. An attacker can construct requests with invalid channel and chaincode information, which might crash the peer service...

1.7AI score
Exploits0References3Affected Software1
CNVD
CNVD
added 2022/09/28 12:0 a.m.13 views

Hyperledger Fabric Denial of Service Vulnerability

Hyperledger Fabric is an enterprise licensed distributed ledger framework. It is used to develop solutions and applications. A denial of service vulnerability exists in versions of Hyperledger Fabric prior to 2.4.0 that stems from not properly handling incoming error messages, which can be...

6.2AI score
Exploits0References1
Rows per page
Query Builder