CVE-2020-11093: Improper Verification of Cryptographic Signature

December 24, 2020 (updated December 31, 2020)

Hyperledger Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In Hyperledger Indy, there is lack of signature verification on a specific transaction which enables an attacker to make certain unauthorized alterations to the ledger.

References

nvd.nist.gov/vuln/detail/CVE-2020-11093

Detect and mitigate CVE-2020-11093 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →