Linux Foundation Decentralized Trust Program Statistics

26 total issues disclosed

$6,333 total paid publicly

Most disclosed (4 disclosures) — None supplied



Disclosed Reports


| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
| --- | --- | --- | --- | --- |
| Memory Leak in bytes_to_hexstring Function | Use After Free | cutiapretaa | Low | 2024-10-24 |
| Code exec on Github runner via Pull request name | Code Injection | another_dude | Medium | 2024-04-28 |
| Docker Secret Disclosure via GitHub Actions Cache Poisoning | Information Disclosure | adnanthekhan | High | 2024-04-20 |
| CVE-2023-46132 | Deserialization of Untrusted Data | yacovm | High | 2024-01-08 |
| [indy_node]POOL_UPGRADE command injection, Trustee Node can execute command in any other Node`s system. | OS Command Injection | kmhlyxj0 | None | 2023-04-27 |
| Dependency confusion in https://github.com/hyperledger/aries-mobile-agent-react-native | Code Injection | r3drush | None | 2023-02-07 |
| POOL_UPGRADE request handler may allow an unauthenticated attacker to remotely execute code on every node in the network. | Command Injection - Generic | shakedreiner | Critical | 2022-10-20 |
| CVE-2017-5929: Hyperledger - Arbitrary Deserialization of Untrusted Data | None supplied | mik-patient | None | 2022-10-18 |
| Relative Path Traversal vulnerability in fabric-private-chaincode | Path Traversal | bhaskar_ram | None | 2022-10-09 |
| DOS validator nodes of blockchain to block external connections | Uncontrolled Resource Consumption | cre8 | High | 2022-09-13 |
| Remote denial of service in HyperLedger Fabric | Uncontrolled Resource Consumption | zqgnd | High | 2022-09-01 |
| Cross Site Scripting Vulnerability in fabric-sdk-py source code | Cross-site Scripting (XSS) - DOM | bhaskar_ram | No rating | 2022-08-17 |
| fix(security):Path Traversal Bug | Path Traversal | bhaskar_ram | High | 2022-08-11 |
| many commands can be manipulated to delete identities or affiliations | Improper Authentication - Generic | cet2000 | Medium | 2022-08-10 |
| RCE vulnerability in Hyperledger Fabric SDK for Java | Deserialization of Untrusted Data | freskimo | Medium | 2022-08-06 |
| Enrolling to a CA that returns an empty response crashes the node process | Uncontrolled Resource Consumption | mttrbrts | Medium | 2022-08-06 |
| Brute Force of fabric-ca server admin account | Improper Restriction of Authentication Attempts | xiaoc | High | 2022-08-06 |
| Fix : (Security) Mitigate Path Traversal Bug | Path Traversal | bhaskar_ram | Low | 2022-08-05 |
| Insecure TLS Configuration #3530 | Use of a Broken or Risky Cryptographic Algorithm | bhaskar_ram | Low | 2022-08-01 |
| Corsa Site Scripting Vulnerability (XSS) | Cross-site Scripting (XSS) - Reflected | bhaskar_ram | High | 2022-07-30 |
| fix(cmd-socketio-server): mitigate cross site scripting attack #2068 | Cross-site Scripting (XSS) - Reflected | bhaskar_ram | High | 2022-07-21 |
| Unauthorized packages modification or secrets exfiltration via GitHub actions | Improper Access Control - Generic | dusty_wormwood | High | 2022-07-08 |
| Remote denial of service in HyperLedger Fabric | Uncontrolled Resource Consumption | zqgnd | High | 2022-07-07 |
| Vulnerability in Private Data Endorsement Policy Management in Hyperledger Fabric 2.0 | None supplied | swang1994 | No rating | 2021-03-30 |
| The “payload” Field of Transactions in a Block Reveals the Private Data to All Peers | None supplied | swang1994 | No rating | 2021-03-30 |
| Vulnerabilities in Endorsement Mechanism of Private Data Related Transactions in Hyperledger Fabric 2.0 | None supplied | swang1994 | No rating | 2021-03-30 |