Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. Its modular and versatile design satisfies a broad range of industry use cases. It offers a unique approach to consensus that enables performance at scale while preserving privacy.
github.com/hyperledger/[email protected] has vulnerabilities — update to latest
Update to >= 2.2.4 to fix known vulnerabilities
| Severity | ID | Summary | Fixed in |
|---|---|---|---|
| medium | BIT-hyperledger-fabric-orderer-2024-45244 | Hyperledger Fabric does not verify request has a timestamp within the expected time window | — |
| high | BIT-hyperledger-fabric-orderer-2022-31121 | Hyperledger Fabric vulnerable to Improper Input Validation in orderer/common/cluster consensus request | 2.4.5 |
| high | CVE-2022-35253 | Hyperledger Fabric subject to Denial of Service via non-validated request | 2.4.6 |
| high | CVE-2021-43669 | HTTP Request Smuggling in github.com/hyperledger/fabric | 2.4.0 |
| high | BIT-hyperledger-fabric-orderer-2023-46132 | Fabric vulnerable to crosslinking transaction attack | 2.5.5 |
| high | CVE-2021-43667 | NULL Pointer Dereference in HyperLedger Fabric | 2.2.4 |
| unknown | BIT-hyperledger-fabric-orderer-2024-45244 | Hyperledger Fabric does not verify request has a timestamp within the expected time window in github.com/hyperledger/fabric | — |
Get this data programmatically — free, no authentication.
curl https://depscope.dev/api/check/go/github.com/hyperledger/fabricLast updated · 2021-04-23T19:56:25Z