GHSA-p2gm-ffr3-w2xw: Nervos CKB vulnerable to low-resource flood DDoS attacks through network message

February 8, 2023

Workarounds

forbid request genesis through network request
forbid requesting duplicate data through network request

References

github.com/advisories/GHSA-p2gm-ffr3-w2xw
github.com/nervosnetwork/ckb
github.com/nervosnetwork/ckb/security/advisories/GHSA-p2gm-ffr3-w2xw

Detect and mitigate GHSA-p2gm-ffr3-w2xw with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →