26 matches found
CVE-2022-31121
Hyperledger Fabric is a permissioned distributed ledger framework. In affected versions if a consensus client sends a malformed consensus request to an orderer it may crash the orderer node. A fix has been added in commit 0f1835949 which checks for missing consensus messages and returns an error ...
EUVD-2022-0123
Malicious code in bioql PyPI...
EUVD-2022-6271
Malicious code in bioql PyPI...
CVE-2022-45196
Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...
BIT-HYPERLEDGER-FABRIC-TOOLS-2022-31121 Improper Input Validation in fabric hyperledger
Hyperledger Fabric is a permissioned distributed ledger framework. In affected versions if a consensus client sends a malformed consensus request to an orderer it may crash the orderer node. A fix has been added in commit 0f1835949 which checks for missing consensus messages and returns an error ...
BIT-HYPERLEDGER-FABRIC-ORDERER-2022-45196
Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...
BIT-HYPERLEDGER-FABRIC-PEER-2022-45196
Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...
BIT-HYPERLEDGER-FABRIC-TOOLS-2022-45196
Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...
CVE-2022-45196
Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...
PYSEC-2022-43055
Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...
PYSEC-2022-43055
Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...
Design/Logic Flaw
Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...
CVE-2022-45196
Hyperledger Fabric 2.3 allows attackers to cause a denial of service orderer crash by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist...
PT-2022-37332 · Unknown · Hyperledger Fabric
Name of the Vulnerable Software and Affected Versions: Hyperledger Fabric version 2.3 Description: The issue allows attackers to cause a denial of service by repeatedly sending a crafted channel transaction with the same Channel name, leading to an orderer crash. However, the official Fabric with...
CVE-2022-45196
CVE-2022-45196 affects Hyperledger Fabric 2.3. A vulnerability in the orderer channel handling allows an attacker to cause a denial-of-service (orderer crash) by repeatedly sending a crafted channel transaction with the same channel name. The publicly documented description notes that exploitatio...
PT-2022-27426 · Hyperledger · Hyperledger Fabric
Name of the Vulnerable Software and Affected Versions: Hyperledger Fabric version 2.3 Description: The issue allows attackers to cause a denial of service by repeatedly sending a crafted channel transaction with the same channel name, leading to an orderer crash. However, the official Fabric with...
GHSA-72X4-CQ6R-JP4P Hyperledger Fabric vulnerable to Improper Input Validation in orderer/common/cluster consensus request
Impact If a consensus client sends a malformed consensus request to an orderer it may crash the orderer node. This fix checks for the malformed consensus request and returns an error to the consensus client. Specific Go Packages Affected github.com/hyperledger/fabric/orderer/common/cluster Patche...
Hyperledger Fabric vulnerable to Improper Input Validation in orderer/common/cluster consensus request
Impact If a consensus client sends a malformed consensus request to an orderer it may crash the orderer node. This fix checks for the malformed consensus request and returns an error to the consensus client. Specific Go Packages Affected github.com/hyperledger/fabric/orderer/common/cluster Patche...
Denial Of Service (DoS)
github.com/hyperledger/fabric is vulnerable to denial of service DoS attacks. A remote attacker is able to cause denial of service conditions via sending a malformed consensus request to an orderer and crashing the orderer node...
Design/Logic Flaw
Hyperledger Fabric is a permissioned distributed ledger framework. In affected versions if a consensus client sends a malformed consensus request to an orderer it may crash the orderer node. A fix has been added in commit 0f1835949 which checks for missing consensus messages and returns an error ...