VYPR

Indy Node

by Hyperledger

Source repositories

CVEs (4)

  • CVE-2022-31006Sep 9, 2022
    risk 0.00cvss epss 0.01

    indy-node is the server portion of Hyperledger Indy, a distributed ledger purpose-built for decentralized identity. In vulnerable versions of indy-node, an attacker can max out the number of client connections allowed by the ledger, leaving the ledger unable to be used for its…

  • CVE-2022-31020Sep 6, 2022
    risk 0.00cvss epss 0.02

    Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In versions 1.12.4 and prior, the `pool-upgrade` request handler in Indy-Node allows an improperly authenticated attacker to remotely execute code on nodes within the network. The…

  • CVE-2020-11093Dec 24, 2020
    risk 0.00cvss epss 0.01

    Hyperledger Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In Hyperledger Indy before version 1.12.4, there is lack of signature verification on a specific transaction which enables an attacker to make certain unauthorized…

  • CVE-2020-11090Jun 11, 2020
    risk 0.00cvss epss 0.02

    In Indy Node 1.12.2, there is an Uncontrolled Resource Consumption vulnerability. Indy Node has a bug in TAA handling code. The current primary can be crashed with a malformed transaction from a client, which leads to a view change. Repeated rapid view changes have the potential…