4 matches found
EUVD-2025-18921
Malicious code in bioql PyPI...
CVE-2025-48886
Hydra, a Layer-2 scaling solution for Cardano, is affected by a vulnerability that arises from assuming L1 finality and neglecting failed transactions. Before version 0.22.0, Hydra treated certain L1 events as finalized as soon as recognized by node participants, making those transactions targets...
PT-2025-26219 · Hydra · Hydra
Name of the Vulnerable Software and Affected Versions: Hydra versions prior to 0.22.0 Description: Hydra is a layer-two scalability solution for Cardano. The issue arises from the assumption of L1 event finality, where the system does not consider failed transactions on the Cardano L1. This makes...
CVE-2023-42448
Hydra is the layer-two scalability solution for Cardano. Prior to version 0.13.0, the specification states that the contestation period in the datum of the UTxO at the head validator must stay unchanged as the state progresses from Open to Closed Close transaction, but no such check appears to be...