Impact
This vulnerability affects the ibc-go package for those running full nodes, dubbed "Huckleberry". According to their advisory:
This issue is low-severity in general, and it has a low impact and likelihood of exploitation. Depending on how a full node is architected, this issue could potentially yield a high or critical severity vulnerability.
There is no vulnerability in the DID/resource modules for cheqd-node.
Patches
Node operators are requested to upgrade to cheqd-node v1.4.2. This is a non-state breaking release, and does not require a coordinated upgrade across all node operators.
Workarounds
No. Node operators are recommended to upgrade to the latest release version.
References
References
Impact
This vulnerability affects the
ibc-gopackage for those running full nodes, dubbed "Huckleberry". According to their advisory:There is no vulnerability in the DID/resource modules for cheqd-node.
Patches
Node operators are requested to upgrade to cheqd-node v1.4.2. This is a non-state breaking release, and does not require a coordinated upgrade across all node operators.
Workarounds
No. Node operators are recommended to upgrade to the latest release version.
References
ibc-gov6.1.1 release notesReferences