VYPR
High severity7.5NVD Advisory· Published Jun 1, 2018· Updated Jun 17, 2026

CVE-2018-3756

CVE-2018-3756

Description

Hyperledger Iroha versions v1.0_beta and v1.0.0_beta-1 are vulnerable to transaction and block signature verification bypass in the transaction and block validator allowing a single node to sign a transaction and/or block multiple times, each with a random nonce, and have other validating nodes accept them as separate valid signatures.

Affected products

2
  • Hyperledger/Irohainferred2 versions
    = 1.0_beta, = 1.0.0_beta-1+ 1 more
    • (no CPE)range: = 1.0_beta, = 1.0.0_beta-1
    • (no CPE)range: <v1.0.0_beta-2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.