Security
Headlines

Headlines Latest CVEs

Headline

GHSA-mqr9-hjr8-2m9w: Content Censorship in the InterPlanetary File System (IPFS) via Kademlia DHT abuse

The Kademlia DHT (go-libp2p-kad-dht 0.20.0 and earlier) used in IPFS (0.18.1 and earlier) assigns routing information for content (i.e., information about who holds the content) to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content by generating many Sybil peers whose peer IDs have a small distance from the content ID, thus hijacking the content resolution process.

29 days ago

GitHub Advisory Database
GitHub Reviewed
CVE-2023-26248

Content Censorship in the InterPlanetary File System (IPFS) via Kademlia DHT abuse

Moderate severity GitHub Reviewed Published Oct 25, 2024 to the GitHub Advisory Database • Updated Oct 25, 2024

Package

gomod github.com/libp2p/go-libp2p-kad-dht (Go)

Affected versions

<= 0.20.0

Published to the GitHub Advisory Database

Oct 25, 2024

Last updated

Oct 25, 2024

ghsa: Latest News

GHSA-27wf-5967-98gx: Kubernetes kubelet arbitrary command execution

21 hours ago

GHSA-mr95-vfcf-fx9p: Apache Answer: Predictable Authorization Token Using UUIDv1

21 hours ago

GHSA-pqhp-25j4-6hq9: smol-toml has a Denial of Service via malicious TOML document using deeply nested inline tables

21 hours ago

GHSA-v5h2-q2w4-gpcx: Sentry improper error handling leaks Application Integration Client Secret

22 hours ago

GHSA-8w49-h785-mj3c: Tornado has an HTTP cookie parsing DoS vulnerability

22 hours ago