Critical severityNVD Advisory· Published Jun 11, 2020· Updated Aug 4, 2024
Uncontrolled Resource Consumption in Indy Node
CVE-2020-11090
Description
In Indy Node 1.12.2, there is an Uncontrolled Resource Consumption vulnerability. Indy Node has a bug in TAA handling code. The current primary can be crashed with a malformed transaction from a client, which leads to a view change. Repeated rapid view changes have the potential of bringing down the network. This is fixed in version 1.12.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
indy-nodePyPI | >= 1.12.2, < 1.12.3 | 1.12.3 |
Affected products
2- Range: = 1.12.2
Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-3gw4-m5w7-v89cghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-11090ghsaADVISORY
- github.com/hyperledger/indy-node/blob/master/CHANGELOG.mdghsax_refsource_MISCWEB
- github.com/hyperledger/indy-node/security/advisories/GHSA-3gw4-m5w7-v89cghsax_refsource_CONFIRMWEB
- github.com/pypa/advisory-database/tree/main/vulns/indy-node/PYSEC-2020-47.yamlghsaWEB
- pypi.org/project/indy-node/1.12.3ghsaWEB
- pypi.org/project/indy-node/1.12.3/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.