Lucene search
+L

54 matches found

NVD
NVD
added 2022/12/19 9:15 a.m.24 views

CVE-2022-47547

GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score and thus not be pruned from the network even though it continuously misbehaves by never forwarding topic messages...

5.3CVSS0.0053EPSS
Exploits1References1
OSV
OSV
added 2022/12/19 9:15 a.m.3 views

CVE-2022-47547

GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score and thus not be pruned from the network even though it continuously misbehaves by never forwarding topic messages...

5.3CVSS5.8AI score0.0053EPSS
Exploits1References1
Prion
Prion
added 2022/12/19 9:15 a.m.13 views

Code injection

GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score and thus not be pruned from the network even though it continuously misbehaves by never forwarding topic messages...

5CVSS5.3AI score0.0053EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/19 12:0 a.m.5 views

CVE-2022-47547

GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score and thus not be pruned from the network even though it continuously misbehaves by never forwarding topic messages...

5.3AI score0.0053EPSS
Exploits1References1
CVE
CVE
added 2022/12/19 12:0 a.m.53 views

CVE-2022-47547

GossipSub 1.1 (used in Ethereum 2.0) contains a vulnerability where a peer can continuously misbehave by not forwarding topic messages, yet maintain a positive score and avoid pruning. Root cause appears to be the peer scoring/penalty mechanism allowing misbehaving peers to stay in the network. D...

5.3CVSS5.2AI score0.0053EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/12/19 12:0 a.m.4 views

GossipSub 安全漏洞

Gossipsub is an extensible benchmark pubsub protocol based on randomized topic grids and Gossip. GossipSub version 1.1 suffers from a security vulnerability that stems from allowing a peer to maintain a positive score even though it continually misbehaves by never forwarding topic messages...

5.3CVSS5.8AI score0.0053EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/12/19 12:0 a.m.27 views

CVE-2022-47547

GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score and thus not be pruned from the network even though it continuously misbehaves by never forwarding topic messages...

5.5AI score0.0053EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/12/19 12:0 a.m.4 views

PT-2022-28072 · Gossipsub · Gossipsub

Name of the Vulnerable Software and Affected Versions: GossipSub version 1.1 Description: The issue allows a peer to maintain a positive score and remain in the network despite continuously misbehaving by not forwarding topic messages. This affects GossipSub 1.1 as used for Ethereum 2.0...

5.3CVSS5.1AI score0.0053EPSS
Exploits1References3
CNVD
CNVD
added 2020/07/08 12:0 a.m.8 views

Unspecified Vulnerability in Gossipsub

Gossipsub is a scalable benchmark pubsub protocol based on randomized topic grids and Gossip. A security vulnerability exists in Gossipsub version 1.0, which stems from the program's failure to implement relevant security protections against invalid spam messages. An attacker can exploit this...

9.8CVSS6.8AI score0.01937EPSS
Exploits1References1
NVD
NVD
added 2020/07/07 8:15 p.m.18 views

CVE-2020-12821

Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack...

9.8CVSS0.01937EPSS
Exploits1References5
OSV
OSV
added 2020/07/07 8:15 p.m.4 views

CVE-2020-12821

Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack...

9.8CVSS7.3AI score0.01937EPSS
Exploits1References5
Prion
Prion
added 2020/07/07 8:15 p.m.15 views

Code injection

Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack...

7.5CVSS9.4AI score0.01937EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2020/07/07 7:18 p.m.53 views

CVE-2020-12821

CVE-2020-12821 affects Gossipsub 1.0 and involves inadequate resistance to invalid message spam, enabling eclipse or Sybil attacks. Descriptions across Red Hat, NVD, CNVD, and related records consistently state that Gossipsub 1.0 can be exploited by sending invalid messages to disrupt/pubsub inte...

9.8CVSS9.3AI score0.01937EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2020/07/07 7:18 p.m.20 views

CVE-2020-12821

Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack...

9.5AI score0.01937EPSS
Exploits1References5
Rows per page
Query Builder