Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:41 a.m.10 views

CVE-2022-31020

Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In versions 1.12.4 and prior, the pool-upgrade request handler in Indy-Node allows an improperly authenticated attacker to remotely execute code on nodes within the network. The pool-upgrade request...

8.8CVSS7.5AI score0.01738EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/09/06 5:15 p.m.8 views

ledger-rest-api-dev (>=0.1.9 <=0.1.10) potentially affected by CVE-2022-31020 via indy-node (=1.0.28)

indy-node PYPI version =1.0.28 is affected by a known vulnerability. The following packages have a transitive dependency on indy-node and may be impacted: - ledger-rest-api-dev =0.1.9, =0.1.10 Source cves: CVE-2022-31020 Source advisory: OSV:PYSEC-2022-265...

8.8CVSS7.2AI score0.01738EPSS
Exploits0
CVE
CVE
added 2022/09/06 4:30 p.m.107 views

CVE-2022-31020

Hyperledger Indy-Node (server portion of the Indy ledger) contains a remote code execution vulnerability in the pool-upgrade request handler for versions ≤ 1.12.4. An attacker could remotely execute code on nodes in the network due to improper authentication of pool-upgrade transactions. Indy-Nod...

8.8CVSS8.9AI score0.01738EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/09/06 4:30 p.m.27 views

CVE-2022-31020 Remote code execution in Indy's NODE_UPGRADE transaction

Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In versions 1.12.4 and prior, the pool-upgrade request handler in Indy-Node allows an improperly authenticated attacker to remotely execute code on nodes within the network. The pool-upgrade request...

8.8CVSS9.1AI score0.01738EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/09/06 4:30 p.m.9 views

CVE-2022-31020 Remote code execution in Indy's NODE_UPGRADE transaction

Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In versions 1.12.4 and prior, the pool-upgrade request handler in Indy-Node allows an improperly authenticated attacker to remotely execute code on nodes within the network. The pool-upgrade request...

8.8CVSS8.9AI score0.01738EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/09/02 9:55 p.m.5 views

ledger-rest-api-dev (>=0.1.9 <=0.1.10) potentially affected by CVE-2022-31020 via indy-node (=1.0.28)

indy-node PYPI version =1.0.28 is affected by a known vulnerability. The following packages have a transitive dependency on indy-node and may be impacted: - ledger-rest-api-dev =0.1.9, =0.1.10 Source cves: CVE-2022-31020 Source advisory: OSV:GHSA-R6V9-P59M-GJ2P...

8.8CVSS7.2AI score0.01738EPSS
Exploits0
Rows per page
Query Builder