6 matches found
CVE-2022-31020
Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In versions 1.12.4 and prior, the pool-upgrade request handler in Indy-Node allows an improperly authenticated attacker to remotely execute code on nodes within the network. The pool-upgrade request...
ledger-rest-api-dev (>=0.1.9 <=0.1.10) potentially affected by CVE-2022-31020 via indy-node (=1.0.28)
indy-node PYPI version =1.0.28 is affected by a known vulnerability. The following packages have a transitive dependency on indy-node and may be impacted: - ledger-rest-api-dev =0.1.9, =0.1.10 Source cves: CVE-2022-31020 Source advisory: OSV:PYSEC-2022-265...
CVE-2022-31020
Hyperledger Indy-Node (server portion of the Indy ledger) contains a remote code execution vulnerability in the pool-upgrade request handler for versions ≤ 1.12.4. An attacker could remotely execute code on nodes in the network due to improper authentication of pool-upgrade transactions. Indy-Nod...
CVE-2022-31020 Remote code execution in Indy's NODE_UPGRADE transaction
Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In versions 1.12.4 and prior, the pool-upgrade request handler in Indy-Node allows an improperly authenticated attacker to remotely execute code on nodes within the network. The pool-upgrade request...
CVE-2022-31020 Remote code execution in Indy's NODE_UPGRADE transaction
Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In versions 1.12.4 and prior, the pool-upgrade request handler in Indy-Node allows an improperly authenticated attacker to remotely execute code on nodes within the network. The pool-upgrade request...
ledger-rest-api-dev (>=0.1.9 <=0.1.10) potentially affected by CVE-2022-31020 via indy-node (=1.0.28)
indy-node PYPI version =1.0.28 is affected by a known vulnerability. The following packages have a transitive dependency on indy-node and may be impacted: - ledger-rest-api-dev =0.1.9, =0.1.10 Source cves: CVE-2022-31020 Source advisory: OSV:GHSA-R6V9-P59M-GJ2P...