High severity7.5NVD Advisory· Published Jun 1, 2018· Updated Jun 17, 2026
CVE-2018-3756
CVE-2018-3756
Description
Hyperledger Iroha versions v1.0_beta and v1.0.0_beta-1 are vulnerable to transaction and block signature verification bypass in the transaction and block validator allowing a single node to sign a transaction and/or block multiple times, each with a random nonce, and have other validating nodes accept them as separate valid signatures.
Affected products
2= 1.0_beta, = 1.0.0_beta-1+ 1 more
- (no CPE)range: = 1.0_beta, = 1.0.0_beta-1
- (no CPE)range: <v1.0.0_beta-2
Patches
Vulnerability mechanics
References
1- github.com/hyperledger/iroha/releases/tag/v1.0.0_beta-2nvdThird Party Advisory
News mentions
0No linked articles in our index yet.