HIGH🇬🇧 English

CVE-2022-31121

CVSS 7.5v3.1pub. 2022-07-07upd. 2024-11-21

Hyperledger Fabric is a permissioned distributed ledger framework. In affected versions if a consensus client sends a malformed consensus request to an orderer it may crash the orderer node. A fix has been added in commit 0f1835949 which checks for missing consensus messages and returns an error to the consensus client should the message be missing. Users are advised to upgrade to versions 2.2.7 or v2.4.5. There are no known workarounds for this issue.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Hyperledger Fabric

    APP
    Hyperledger
    < 2.2.72.3.0 – 2.4.5 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-46132HIGH7.1ten sam produkt

Hyperledger Fabric is an open source permissioned distributed ledger framework. Combining two molecules to one...

CVE-2022-45196HIGH7.5ten sam produkt

Hyperledger Fabric 2.3 allows attackers to cause a denial of service (orderer crash) by repeatedly sending a c...

CVE-2022-36023HIGH7.0ten sam produkt

Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions a...

CVE-2024-45244MEDIUM5.3ten sam produkt

Hyperledger Fabric through 3.0.0 and 2.5.x through 2.5.9 do not verify that a request has a timestamp within t...

CVE-2024-21669CRITICAL9.9PL ✓ten sam vendor

Hyperledger ACA-Py: pominięcie weryfikacji proof w poświadczeniach JSON-LD

CVE-2022-31121 — HIGH 7.5 | CVEbaza.pl