Name of the Vulnerable Software and Affected Versions Hyperledger Iroha versions v1.0 beta through v1.0.0 beta-1

Description The issue allows a single node to bypass transaction and block signature verification in the transaction and block validator. This can be achieved by signing a transaction and/or block multiple times, each with a random nonce, and having other validating nodes accept them as separate valid signatures.

Recommendations For Hyperledger Iroha versions v1.0 beta through v1.0.0 beta-1, consider temporarily restricting the transaction and block validator to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.