6 matches found
EUVD-2023-47232
Malicious code in bioql PyPI...
CVE-2023-42806
Hydra is the layer-two scalability solution for Cardano. Prior to version 0.13.0, not signing and verifying $\mathsfcid$ allows an attacker which must be a participant of this head to use a snapshot from an old head instance with the same participants to close the head or contest the state with i...
CVE-2023-42806
Hydra is the layer-two scalability solution for Cardano. Prior to version 0.13.0, not signing and verifying $\mathsfcid$ allows an attacker which must be a participant of this head to use a snapshot from an old head instance with the same participants to close the head or contest the state with i...
CVE-2023-42806 Snapshot signature not including HeadID will allow replay attacks
Hydra is the layer-two scalability solution for Cardano. Prior to version 0.13.0, not signing and verifying $\mathsfcid$ allows an attacker which must be a participant of this head to use a snapshot from an old head instance with the same participants to close the head or contest the state with i...
CVE-2023-42806
Hydra (Cardano) prior to v0.13.0 has a vulnerability where not signing/verifying the cid allows a participant to reuse a snapshot from an old head to close the head or contest state with the same participants. This can cause incorrect value distribution (value extraction) or prevent finalization ...
CVE-2023-42806 Snapshot signature not including HeadID will allow replay attacks
Hydra is the layer-two scalability solution for Cardano. Prior to version 0.13.0, not signing and verifying $\mathsfcid$ allows an attacker which must be a participant of this head to use a snapshot from an old head instance with the same participants to close the head or contest the state with i...