VYPR

PyPI package

indy-node

pkg:pypi/indy-node

Vulnerabilities (4)

  • CVE-2022-31006Sep 9, 2022
    affected <= 1.12.6

    indy-node is the server portion of Hyperledger Indy, a distributed ledger purpose-built for decentralized identity. In vulnerable versions of indy-node, an attacker can max out the number of client connections allowed by the ledger, leaving the ledger unable to be used for its in

  • CVE-2022-31020Sep 6, 2022
    affected < 1.12.5rc1fixed 1.12.5rc1

    Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In versions 1.12.4 and prior, the `pool-upgrade` request handler in Indy-Node allows an improperly authenticated attacker to remotely execute code on nodes within the network. The `p

  • CVE-2020-11093Dec 24, 2020
    affected < 1.12.4fixed 1.12.4

    Hyperledger Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In Hyperledger Indy before version 1.12.4, there is lack of signature verification on a specific transaction which enables an attacker to make certain unauthorized altera

  • CVE-2020-11090Jun 11, 2020
    affected >= 1.12.2, < 1.12.3fixed 1.12.3

    In Indy Node 1.12.2, there is an Uncontrolled Resource Consumption vulnerability. Indy Node has a bug in TAA handling code. The current primary can be crashed with a malformed transaction from a client, which leads to a view change. Repeated rapid view changes have the potential