VYPR

Go modules package

github.com/hyperledger/fabric

pkg:golang/github.com/hyperledger/fabric

Vulnerabilities (6)

  • CVE-2024-45244Aug 25, 2024
    affected <= 2.5.9

    Hyperledger Fabric through 3.0.0 and 2.5.x through 2.5.9 do not verify that a request has a timestamp within the expected time window.

  • CVE-2023-46132Nov 14, 2023
    affected >= 1.0.0-alpha, < 2.2.14fixed 2.2.14

    Hyperledger Fabric is an open source permissioned distributed ledger framework. Combining two molecules to one another, called "cross-linking" results in a molecule with a chemical formula that is composed of all atoms of the original two molecules. In Fabric, one can take a bloc

  • CVE-2022-36023Aug 18, 2022
    affected >= 2.4.0, < 2.4.6fixed 2.4.6

    Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. If a gateway client application sends a malformed request to a gateway peer it may crash the peer node. Version 2.4.6 checks for the malformed gateway re

  • CVE-2022-31121Jul 7, 2022
    affected < 2.2.7fixed 2.2.7

    Hyperledger Fabric is a permissioned distributed ledger framework. In affected versions if a consensus client sends a malformed consensus request to an orderer it may crash the orderer node. A fix has been added in commit 0f1835949 which checks for missing consensus messages and

  • CVE-2021-43669Nov 18, 2021
    affected < 2.4.0fixed 2.4.0

    A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0, v2.0.1, v2.3.0. It can easily break down as many orderers as the attacker wants. This bug can be leveraged by constructing a message whose header is invalid to the interface Order. This bug has been admitted

  • CVE-2021-43667Nov 18, 2021
    affected >= 2.3.0, < 2.3.3fixed 2.3.3

    A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0, v2.1.0. This bug can be leveraged by constructing a message whose payload is nil and sending this message with the method 'forwardToLeader'. This bug has been admitted and fixed by the developers of Fabric. I