← back
CVE-2020-12821

CVE-2020-12821

EPSS 1.9%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.9%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
07 Jul 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bitcoin.stackexchange.com/questions/61151/eclipse-attack-vs-sybil-attackhttps://gateway.ipfs.io/ipfs/QmPWuNBs8h6a8KamRvGqhTq5UDYJRQsEEy37zDKjujQQQm/Gossipsub%20Evaluation%20Report.pdfhttps://github.com/ipfs/blog/pull/450https://github.com/libp2p/specs/blob/master/pubsub/gossipsub/gossipsub-v1.1.mdhttps://github.com/libp2p/specs/tree/master/pubsub/gossipsub