CVE-2022-36023: Improper Input Validation

October 13, 2022

Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. If a gateway client application sends a malformed request to a gateway peer it may crash the peer node. Version 2.4.6 checks for the malformed gateway request and returns an error to the gateway client. There are no known workarounds, users must upgrade to version 2.4.6.

References

github.com/advisories/GHSA-qj6r-fhrc-jj5r
github.com/hyperledger/fabric/releases/tag/v2.4.6
github.com/hyperledger/fabric/security/advisories/GHSA-qj6r-fhrc-jj5r
nvd.nist.gov/vuln/detail/CVE-2022-36023

Detect and mitigate CVE-2022-36023 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →