hyperledger — Vulnerabilities & Security Advisories (14)

Browse all 14 CVE security advisories affecting hyperledger. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Hyperledger serves as an enterprise-grade blockchain framework for developing distributed ledger applications across supply chain, finance, and healthcare sectors. Historically, common vulnerabilities include remote code execution, cross-site scripting, and privilege escalation, often stemming from misconfigurations or insecure API implementations. The platform's modular architecture allows for granular security controls, though past incidents have exposed flaws in consensus mechanisms and smart contracts. With 14 CVEs documented, most issues receive patches within reasonable timeframes, though some critical flaws have demonstrated potential for network compromise when combined with other weaknesses. The framework's permissioned nature inherently reduces certain attack surfaces compared to public blockchains.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-41586 | ObjectInputStream.readObject() without ObjectInputFilter in fabric-sdk-java allows Java deserialization RCE | fabric | CWE-502 | 8.8 (AI) | High (AI) | 2026-05-07 |
| CVE-2025-30147 | ALTBN128_ADD, ALTBN128_MUL, ALTBN128_PAIRING precompile functions do not check if points are on curve | besu-native | CWE-325 | 7.5 (AI) | High (AI) | 2025-05-07 |
| CVE-2022-31021 | Unlinkability broken in ursa when verifiers use malicious keys | ursa | CWE-829 | 3.3 | Low | 2024-01-16 |
| CVE-2024-21669 | Hyperledger Aries Cloud Agent Python result of presentation verification not checked for LDP-VC | aries-cloudagent-python | CWE-347 | 9.9 | Critical | 2024-01-11 |
| CVE-2023-46132 | Crosslinking transaction attack in hyperledger/fabric | fabric | CWE-362 | 7.1 | High | 2023-11-14 |
| CVE-2022-36025 | Incorrect Conversion between Numeric Types in Besu Ethereum Client | besu | CWE-681 | 9.1 | Critical | 2022-09-24 |
| CVE-2022-31006 | Hyperledger Indy DOS vulnerability | indy-node | CWE-400 | 7.5 | High | 2022-09-09 |
| CVE-2022-31020 | Remote code execution in Indy's NODE_UPGRADE transaction | indy-node | CWE-287 | 8.8 | High | 2022-09-06 |
| CVE-2022-36023 | Remote denial of service in Hyperledger Fabric Gateway | fabric | CWE-20 | 7.0 | High | 2022-08-18 |
| CVE-2022-31121 | Improper Input Validation in fabric hyperledger | fabric | CWE-20 | 7.5 | High | 2022-07-07 |
| CVE-2021-41272 | SHL, SHR, and SAR operations trigger native exception at key values in besu | besu | CWE-681 | 7.5 | High | 2021-12-13 |
| CVE-2021-21369 | Potential DoS in Besu HTTP JSON-RPC API | besu | CWE-400 | 6.5 | Medium | 2021-03-09 |
| CVE-2020-11093 | Authorization bypass in Hyperledger Indy | indy-node | CWE-347 | 7.5 | High | 2020-12-24 |
| CVE-2020-11090 | Uncontrolled Resource Consumption in Indy Node | Indy Node | CWE-400 | 7.5 | High | 2020-06-11 |

This page lists every published CVE security advisory associated with hyperledger. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.