Skip to main content

Gossipsub

2 CVEs product

Monthly

CVE-2022-47547 MEDIUM POC This Month

GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not be pruned from the network) even though it continuously misbehaves by never forwarding topic messages. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Gossipsub
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2020-12821 CRITICAL POC PATCH Act Now

Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Gossipsub
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
EPSS 1% CVSS 5.3
MEDIUM POC This Month

GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not be pruned from the network) even though it continuously misbehaves by never forwarding topic messages. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Gossipsub
NVD
EPSS 2% CVSS 9.8
CRITICAL POC PATCH Act Now

Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Gossipsub
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy