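libp2p vendor vulnerability list / CVE analysis in Chinese (13)

13 CVE vulnerabilities related to the vendor libp2p, with AI-generated Chinese analysis, PoC, CVSS scores and affected products.

libp2p is an open-source networking framework for building peer-to-peer communication systems for decentralized applications. Historically common vulnerabilities include remote code execution, denial-of-service attacks and privilege bypass issues. The project has had multiple security incidents caused by protocol implementation flaws, including man-in-the-middle attack and data leakage risks. Despite these security challenges, its modular design supports multiple cryptographic protocols and gives developers flexible security configuration options, but it must be updated regularly to guard against known vulnerabilities.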

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-35457 | libp2p-rust has unbounded rendezvous DISCOVER cookies enable remote memory exhaustion | rust-libp2p | CWE-770 | 8.2 | High | 2026-04-07 |
| CVE-2026-35405 | libp2p-rendezvous: Unlimited namespace registrations per peer enables OOM DoS on rendezvous servers | rust-libp2p | CWE-770 | 7.5 | High | 2026-04-07 |
| CVE-2026-34219 | libp2p-gossipsub: Gossipsub PRUNE Backoff Heartbeat Instant Overflow | rust-libp2p | CWE-190 | 7.5 (AI) | High (AI) | 2026-03-31 |
| CVE-2026-33040 | libp2p-rust: Gossipsub PRUNE.backoff Duration Overflow | rust-libp2p | CWE-190 | 7.5 | - | 2026-03-20 |
| CVE-2026-32314 | Yamux remote Panic via malformed Data frame with SYN set and len = 262145 | rust-yamux | CWE-248 | 7.5 (AI) | High (AI) | 2026-03-13 |
| CVE-2026-31814 | Yamux remote Panic via malformed WindowUpdate credit | rust-yamux | CWE-190 | 7.5 | - | 2026-03-13 |
| CVE-2025-29606 | py-libp2p security vulnerability | py-libp2p | CWE-770 | 4.3 | Medium | 2025-07-14 |
| CVE-2024-32984 | Yamux Memory Exhaustion Vulnerability via Active::pending_frames property | rust-yamux | CWE-400 | 7.5 | High | 2024-05-01 |
| CVE-2023-40583 | libp2p nodes vulnerable to OOM attack | go-libp2p | CWE-400 | 7.5 | High | 2023-08-25 |
| CVE-2023-39533 | libp2p nodes vulnerable to attack using large RSA keys | go-libp2p | CWE-770 | 7.5 | High | 2023-08-08 |
| CVE-2022-23492 | go-libp2p denial of service vulnerability from lack of resource management | go-libp2p | CWE-400 | 7.5 | High | 2022-12-08 |
| CVE-2022-23487 | libp2p denial of service vulnerability from lack of resource management | js-libp2p | CWE-400 | 7.5 | High | 2022-12-07 |
| CVE-2022-23486 | libp2p-rust denial of service vulnerability from lack of resource management | rust-libp2p | CWE-400 | 7.5 | High | 2022-12-07 |

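This page summarizes all 13 CVE vulnerabilities publicly disclosed to date for the vendor libp2p. Each entry includes the CVSS score, CWE weakness classification, affected products and reference links, along with an AI-generated Chinese analysis for quick risk assessment.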