54 matches found
CVE-2022-47547
GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score and thus not be pruned from the network even though it continuously misbehaves by never forwarding topic messages...
CVE-2022-47547
GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score and thus not be pruned from the network even though it continuously misbehaves by never forwarding topic messages...
Code injection
GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score and thus not be pruned from the network even though it continuously misbehaves by never forwarding topic messages...
CVE-2022-47547
GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score and thus not be pruned from the network even though it continuously misbehaves by never forwarding topic messages...
CVE-2022-47547
GossipSub 1.1 (used in Ethereum 2.0) contains a vulnerability where a peer can continuously misbehave by not forwarding topic messages, yet maintain a positive score and avoid pruning. Root cause appears to be the peer scoring/penalty mechanism allowing misbehaving peers to stay in the network. D...
GossipSub 安全漏洞
Gossipsub is an extensible benchmark pubsub protocol based on randomized topic grids and Gossip. GossipSub version 1.1 suffers from a security vulnerability that stems from allowing a peer to maintain a positive score even though it continually misbehaves by never forwarding topic messages...
CVE-2022-47547
GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score and thus not be pruned from the network even though it continuously misbehaves by never forwarding topic messages...
PT-2022-28072 · Gossipsub · Gossipsub
Name of the Vulnerable Software and Affected Versions: GossipSub version 1.1 Description: The issue allows a peer to maintain a positive score and remain in the network despite continuously misbehaving by not forwarding topic messages. This affects GossipSub 1.1 as used for Ethereum 2.0...
Unspecified Vulnerability in Gossipsub
Gossipsub is a scalable benchmark pubsub protocol based on randomized topic grids and Gossip. A security vulnerability exists in Gossipsub version 1.0, which stems from the program's failure to implement relevant security protections against invalid spam messages. An attacker can exploit this...
CVE-2020-12821
Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack...
CVE-2020-12821
Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack...
Code injection
Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack...
CVE-2020-12821
CVE-2020-12821 affects Gossipsub 1.0 and involves inadequate resistance to invalid message spam, enabling eclipse or Sybil attacks. Descriptions across Red Hat, NVD, CNVD, and related records consistently state that Gossipsub 1.0 can be exploited by sending invalid messages to disrupt/pubsub inte...
CVE-2020-12821
Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack...