Gossipsub 1.0 Insufficient Information Vulnerability

Summary

Gossipsub 1.0 suffers from insufficient information vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at:https://gateway.ipfs.io/ipfs/QmPWuNBs8h6a8KamRvGqhTq5UDYJRQsEEy37zDKjujQQQm/Gossipsub%20Evaluation%20Report.pdf


Details

Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack.

 

Vulnerable Systems:

Gossipsub 1.0

 

CVE Information:

CVE-2020-12821

 

Disclosure Timeline:
Published Date:7/7/2020

Categories: News