Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/indy-node@1.1.33
Typepypi
Namespace
Nameindy-node
Version1.1.33
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.13.0.dev2
Latest_non_vulnerable_version1.13.0.dev2
Affected_by_vulnerabilities
0
url VCID-6u99-aw1g-kbd7
vulnerability_id VCID-6u99-aw1g-kbd7
summary indy-node is the server portion of Hyperledger Indy, a distributed ledger purpose-built for decentralized identity. In vulnerable versions of indy-node, an attacker can max out the number of client connections allowed by the ledger, leaving the ledger unable to be used for its intended purpose. However, the ledger content will not be impacted and the ledger will resume functioning after the attack. This attack exploits the trade-off between resilience and availability. Any protection against abusive client connections will also prevent the network being accessed by certain legitimate users. As a result, validator nodes must tune their firewall rules to ensure the right trade-off for their network's expected users. The guidance to network operators for the use of firewall rules in the deployment of Indy networks has been modified to better protect against denial of service attacks by increasing the cost and complexity in mounting such attacks. The mitigation for this vulnerability is not in the Hyperledger Indy code per se, but rather in the individual deployments of Indy. The mitigations should be applied to all deployments of Indy, and are not related to a particular release.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31006
reference_id
reference_type
scores
0
value 0.00594
scoring_system epss
scoring_elements 0.69778
published_at 2026-06-11T12:55:00Z
1
value 0.00594
scoring_system epss
scoring_elements 0.69869
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31006
1
reference_url https://github.com/hyperledger/indy-node
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hyperledger/indy-node
2
reference_url https://github.com/hyperledger/indy-node/commits/v1.13.2-rc2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hyperledger/indy-node/commits/v1.13.2-rc2
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/indy-node/PYSEC-2022-270.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/indy-node/PYSEC-2022-270.yaml
4
reference_url https://github.com/hyperledger/indy-node/commit/53a2a1bf1a26cb8ba710fd6adc8bcf275186a4b3
reference_id 53a2a1bf1a26cb8ba710fd6adc8bcf275186a4b3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:41Z/
url https://github.com/hyperledger/indy-node/commit/53a2a1bf1a26cb8ba710fd6adc8bcf275186a4b3
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-31006
reference_id CVE-2022-31006
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-31006
6
reference_url https://github.com/advisories/GHSA-x996-7qh9-7ff7
reference_id GHSA-x996-7qh9-7ff7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x996-7qh9-7ff7
7
reference_url https://github.com/hyperledger/indy-node/security/advisories/GHSA-x996-7qh9-7ff7
reference_id GHSA-x996-7qh9-7ff7
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:41Z/
url https://github.com/hyperledger/indy-node/security/advisories/GHSA-x996-7qh9-7ff7
fixed_packages
0
url pkg:pypi/indy-node@1.13.0.dev2
purl pkg:pypi/indy-node@1.13.0.dev2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/indy-node@1.13.0.dev2
aliases CVE-2022-31006, GHSA-x996-7qh9-7ff7, PYSEC-2022-270
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6u99-aw1g-kbd7
1
url VCID-9a6b-gqdc-2ybj
vulnerability_id VCID-9a6b-gqdc-2ybj
summary Hyperledger Indy's update process of a DID does not check who signs the request
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11093
reference_id
reference_type
scores
0
value 0.00162
scoring_system epss
scoring_elements 0.37127
published_at 2026-06-12T12:55:00Z
1
value 0.00162
scoring_system epss
scoring_elements 0.36949
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11093
1
reference_url https://github.com/hyperledger/indy-node
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hyperledger/indy-node
2
reference_url https://github.com/hyperledger/indy-node/blob/master/CHANGELOG.md#1124
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hyperledger/indy-node/blob/master/CHANGELOG.md#1124
3
reference_url https://github.com/hyperledger/indy-node/blob/master/docs/source/auth_rules.md
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hyperledger/indy-node/blob/master/docs/source/auth_rules.md
4
reference_url https://github.com/hyperledger/indy-node/commit/55056f22c83b7c3520488b615e1577e0f895d75a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hyperledger/indy-node/commit/55056f22c83b7c3520488b615e1577e0f895d75a
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/indy-node/PYSEC-2020-48.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/indy-node/PYSEC-2020-48.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11093
reference_id CVE-2020-11093
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-11093
7
reference_url https://github.com/advisories/GHSA-wh2w-39f4-rpv2
reference_id GHSA-wh2w-39f4-rpv2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wh2w-39f4-rpv2
8
reference_url https://github.com/hyperledger/indy-node/security/advisories/GHSA-wh2w-39f4-rpv2
reference_id GHSA-wh2w-39f4-rpv2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hyperledger/indy-node/security/advisories/GHSA-wh2w-39f4-rpv2
fixed_packages
0
url pkg:pypi/indy-node@1.12.4
purl pkg:pypi/indy-node@1.12.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6u99-aw1g-kbd7
1
vulnerability VCID-rm6d-yc9t-u7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/indy-node@1.12.4
aliases CVE-2020-11093, GHSA-wh2w-39f4-rpv2, PYSEC-2020-48
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9a6b-gqdc-2ybj
2
url VCID-rm6d-yc9t-u7c6
vulnerability_id VCID-rm6d-yc9t-u7c6
summary Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In versions 1.12.4 and prior, the `pool-upgrade` request handler in Indy-Node allows an improperly authenticated attacker to remotely execute code on nodes within the network. The `pool-upgrade` request handler in Indy-Node 1.12.5 has been updated to properly authenticate pool-upgrade transactions before any processing is performed by the request handler. The transactions are further sanitized to prevent remote code execution. As a workaround, endorsers should not create DIDs for untrusted users. A vulnerable ledger should configure `auth_rules` to prevent new DIDs from being written to the ledger until the network can be upgraded.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31020
reference_id
reference_type
scores
0
value 0.01579
scoring_system epss
scoring_elements 0.82045
published_at 2026-06-12T12:55:00Z
1
value 0.01579
scoring_system epss
scoring_elements 0.81984
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31020
1
reference_url https://github.com/hyperledger/indy-node
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hyperledger/indy-node
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/indy-node/PYSEC-2022-265.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/indy-node/PYSEC-2022-265.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-31020
reference_id CVE-2022-31020
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-31020
4
reference_url https://github.com/hyperledger/indy-node/commit/fe507474f77084faef4539101e2bbb4d508a97f5
reference_id fe507474f77084faef4539101e2bbb4d508a97f5
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:58Z/
url https://github.com/hyperledger/indy-node/commit/fe507474f77084faef4539101e2bbb4d508a97f5
5
reference_url https://github.com/advisories/GHSA-r6v9-p59m-gj2p
reference_id GHSA-r6v9-p59m-gj2p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r6v9-p59m-gj2p
6
reference_url https://github.com/hyperledger/indy-node/security/advisories/GHSA-r6v9-p59m-gj2p
reference_id GHSA-r6v9-p59m-gj2p
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
4
value HIGH
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:58Z/
url https://github.com/hyperledger/indy-node/security/advisories/GHSA-r6v9-p59m-gj2p
7
reference_url https://github.com/hyperledger/indy-node/releases/tag/v1.12.5
reference_id v1.12.5
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:58Z/
url https://github.com/hyperledger/indy-node/releases/tag/v1.12.5
fixed_packages
0
url pkg:pypi/indy-node@1.12.5rc1
purl pkg:pypi/indy-node@1.12.5rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6u99-aw1g-kbd7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/indy-node@1.12.5rc1
aliases CVE-2022-31020, GHSA-r6v9-p59m-gj2p, PYSEC-2022-265
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rm6d-yc9t-u7c6
3
url VCID-vppt-yg65-xbew
vulnerability_id VCID-vppt-yg65-xbew
summary Uncontrolled Resource Consumption in Indy Node
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11090
reference_id
reference_type
scores
0
value 0.00408
scoring_system epss
scoring_elements 0.61616
published_at 2026-06-11T12:55:00Z
1
value 0.00408
scoring_system epss
scoring_elements 0.61719
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11090
1
reference_url https://github.com/hyperledger/indy-node
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/hyperledger/indy-node
2
reference_url https://github.com/hyperledger/indy-node/blob/master/CHANGELOG.md#1123
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/hyperledger/indy-node/blob/master/CHANGELOG.md#1123
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/indy-node/PYSEC-2020-47.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/indy-node/PYSEC-2020-47.yaml
4
reference_url https://pypi.org/project/indy-node/1.12.3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/indy-node/1.12.3
5
reference_url https://pypi.org/project/indy-node/1.12.3/
reference_id
reference_type
scores
url https://pypi.org/project/indy-node/1.12.3/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11090
reference_id CVE-2020-11090
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-11090
7
reference_url https://github.com/advisories/GHSA-3gw4-m5w7-v89c
reference_id GHSA-3gw4-m5w7-v89c
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3gw4-m5w7-v89c
8
reference_url https://github.com/hyperledger/indy-node/security/advisories/GHSA-3gw4-m5w7-v89c
reference_id GHSA-3gw4-m5w7-v89c
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/hyperledger/indy-node/security/advisories/GHSA-3gw4-m5w7-v89c
fixed_packages
0
url pkg:pypi/indy-node@1.12.3
purl pkg:pypi/indy-node@1.12.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6u99-aw1g-kbd7
1
vulnerability VCID-9a6b-gqdc-2ybj
2
vulnerability VCID-rm6d-yc9t-u7c6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/indy-node@1.12.3
aliases CVE-2020-11090, GHSA-3gw4-m5w7-v89c, PYSEC-2020-47
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vppt-yg65-xbew
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/indy-node@1.1.33