CVE-2026-47249: Vulnerable Libp2p Dependency
The application relies on an outdated version of libp2p (< v0.43.0) which is vulnerable to an ICMP packet attack leading to Denial of Service (CVE-2026-47249). Please update github.com/libp2p/go-libp2p to v0.43.0 or higher. Use an SCA tool for optimal tracking of vulnerable dependencies.
Provally CuratedPublic repositoryHighMedium confidenceVerifiedApache-2.0Generic
greprules fetch cve-2026-47249-vulnerable-libp2p-dependency --engine opengrepDescription
The application relies on an outdated version of libp2p (< v0.43.0) which is vulnerable to an ICMP packet attack leading to Denial of Service (CVE-2026-47249). Please update github.com/libp2p/go-libp2p to v0.43.0 or higher. Use an SCA tool for optimal tracking of vulnerable dependencies.
Community feedback
0 signals from signed-in users.
- Useful
- 0
- False positive
- 0
- Metadata
- 0