GHSA-p2gm-ffr3-w2xw

Suggest an improvement
Source
https://github.com/advisories/GHSA-p2gm-ffr3-w2xw
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/02/GHSA-p2gm-ffr3-w2xw/GHSA-p2gm-ffr3-w2xw.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-p2gm-ffr3-w2xw
Published
2023-02-08T18:17:06Z
Modified
2023-02-08T18:17:06Z
Summary
Nervos CKB vulnerable to low-resource flood DDoS attacks through network message
Details

Workarounds

  • forbid request genesis through network request
  • forbid requesting duplicate data through network request
Database specific 
{
    "nvd_published_at": null,
    "cwe_ids": [],
    "severity": "LOW",
    "github_reviewed": true,
    "github_reviewed_at": "2023-02-08T18:17:06Z"
}
References

Affected packages

crates.io / ckb

Package

Name
ckb
View open source insights on deps.dev
Purl
pkg:cargo/ckb

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.101.4