VYPR

npm package

libp2p

pkg:npm/libp2p

Vulnerabilities (1)

  • CVE-2022-23487Dec 7, 2022
    affected < 0.38.0fixed 0.38.0

    js-libp2p is the official javascript Implementation of libp2p networking stack. Versions older than `v0.38.0` of js-libp2p are vulnerable to targeted resource exhaustion attacks. These attacks target libp2p’s connection, stream, peer, and memory management. An attacker can cause