Lucene search
K

9 matches found

Cvelist
Cvelist
added 2026/06/10 9:9 p.m.32 views

CVE-2026-45783 libp2p: Unvalidated PUT_VALUE records allow unbounded disk exhaustion on DHT server nodes

libp2p is a JavaScript Implementation of libp2p networking stack. Prior to version 16.2.6, an unauthenticated remote peer can exhaust the disk storage of any @libp2p/kad-dht node running in server mode by sending an unbounded stream of PUTVALUE messages whose keys bypass all content validation. N...

7.5CVSS0.00354EPSS
Exploits0References1
NVD
NVD
added 2026/05/20 10:16 p.m.26 views

CVE-2026-40092

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and below, a malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record. The maliciously crafted record would contain a TaggedSigned with a signature field...

7.5CVSS0.00626EPSS
Exploits0References4
OSV
OSV
added 2024/10/25 6:30 p.m.10 views

GHSA-MQR9-HJR8-2M9W Content Censorship in the InterPlanetary File System (IPFS) via Kademlia DHT abuse

The Kademlia DHT go-libp2p-kad-dht 0.20.0 and earlier used in IPFS 0.18.1 and earlier assigns routing information for content i.e., information about who holds the content to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content...

5.3CVSS5AI score0.00201EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/10/25 6:30 p.m.11 views

Content Censorship in the InterPlanetary File System (IPFS) via Kademlia DHT abuse

The Kademlia DHT go-libp2p-kad-dht 0.20.0 and earlier used in IPFS 0.18.1 and earlier assigns routing information for content i.e., information about who holds the content to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content...

5.3CVSS6.2AI score0.00201EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2024/10/25 4:15 p.m.17 views

CVE-2023-26248

The Kademlia DHT go-libp2p-kad-dht 0.20.0 and earlier used in IPFS 0.18.1 and earlier assigns routing information for content i.e., information about who holds the content to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content...

5.3CVSS0.00201EPSS
Exploits0References2
OSV
OSV
added 2024/10/25 4:15 p.m.4 views

CVE-2023-26248

The Kademlia DHT go-libp2p-kad-dht 0.20.0 and earlier used in IPFS 0.18.1 and earlier assigns routing information for content i.e., information about who holds the content to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content...

5.3CVSS5.8AI score0.00201EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/25 12:0 a.m.19 views

CVE-2023-26248

The Kademlia DHT go-libp2p-kad-dht 0.20.0 and earlier used in IPFS 0.18.1 and earlier assigns routing information for content i.e., information about who holds the content to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content...

0.00201EPSS
Exploits0References2
CVE
CVE
added 2024/10/25 12:0 a.m.69 views

CVE-2023-26248

CVE-2023-26248 describes a content-censorship vulnerability in the Kademlia DHT used by IPFS (go-libp2p-kad-dht 0.20.0 and earlier; IPFS 0.18.1 and earlier). The issue arises because routing information for content can be stored by peers whose DHT distance to the content ID is small, enabling an ...

5.3CVSS6AI score0.00201EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/25 12:0 a.m.12 views

CVE-2023-26248

The Kademlia DHT go-libp2p-kad-dht 0.20.0 and earlier used in IPFS 0.18.1 and earlier assigns routing information for content i.e., information about who holds the content to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content...

6.5AI score0.00201EPSS
Exploits0References2
Rows per page
Query Builder