CVE-2022-47547

GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score and thus not be pruned from the network even though it continuously misbehaves by never forwarding topic messages...

CVE-2022-47547

GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score and thus not be pruned from the network even though it continuously misbehaves by never forwarding topic messages...

CVE-2022-47547

GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score and thus not be pruned from the network even though it continuously misbehaves by never forwarding topic messages...

CVE-2022-47547

GossipSub 1.1 (used in Ethereum 2.0) contains a vulnerability where a peer can continuously misbehave by not forwarding topic messages, yet maintain a positive score and avoid pruning. Root cause appears to be the peer scoring/penalty mechanism allowing misbehaving peers to stay in the network. D...

PT-2022-28072 · Gossipsub · Gossipsub

Name of the Vulnerable Software and Affected Versions: GossipSub version 1.1 Description: The issue allows a peer to maintain a positive score and remain in the network despite continuously misbehaving by not forwarding topic messages. This affects GossipSub 1.1 as used for Ethereum 2.0...

Teatime - An RPC Attack Framework For Blockchain Nodes

Teatime is an RPC attack framework aimed at making it easy to spot misconfigurations in blockchain nodes. It detects a large variety of issues, ranging from information leaks to open accounts, and configuration manipulation. The goal is to enable tools scanning for vulnerable nodes and minimizing...