Insufficient Verification of Proofs generated by the immudb server in client SDK.

Impact In certain scenario a malicious immudb server can provide a falsified proof that will be accepted by the client SDK signing a falsified transaction replacing the genuine one. This situation can not be triggered by a genuine immudb server and requires the client to perform a specific list o...

PT-2022-23200 · Immudb · Immudb

Name of the Vulnerable Software and Affected Versions: immudb versions prior to 1.4.1 Description: immudb is a database with built-in cryptographic proof and verification. A malicious immudb server can provide a falsified proof that will be accepted by the client SDK, signing a falsified...