Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Kademlia DHT (go-libp2p-kad-dht 0.20.0 and earlier) used in IPFS (0.18.1 and earlier) assigns routing information for content (i.e., information about who holds the content) to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content by generating many Sybil peers whose peer IDs have a small distance from the content ID, thus hijacking the content resolution process.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
go-libp2p-kad-dht 安全漏洞
Vulnerability Description
go-libp2p-kad-dht是libp2p开源的一个分布式散列表算法。 go-libp2p-kad-dht 0.20.0及之前版本存在安全漏洞,该漏洞源于允许攻击者通过生成许多对等ID与内容ID的距离很小的Sybil对等点来审查内容,从而劫持内容解析过程。
CVSS Information
N/A
Vulnerability Type
N/A