VulnerableCode Package Details - pkg:npm/libp2p-secio@0.9.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:npm/libp2p-secio@0.9.0

Essentials
History (4)

purl	pkg:npm/libp2p-secio@0.9.0

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-8j73-v8ba-zqgq	Identity Spoofing in libp2p-secio	GHSA-rch7-f4h5-x9rj GMS-2019-131
VCID-wthq-784k-wuhy	Identity Spoofing libp2p-secio is not correctly checking the that the PeerId of the DstPeer matched the PeerId that the peer learns through the Crypto Handshake creating a high severity vulnerability as the purpose of SECIO is to authenticate the other Peer.	GMS-2018-2

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-31T19:14:44.528044+00:00	GitLab Importer	Fixing	VCID-8j73-v8ba-zqgq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/libp2p-secio/GMS-2019-131.yml	38.6.0
2026-05-31T11:19:03.129947+00:00	GithubOSV Importer	Fixing	VCID-8j73-v8ba-zqgq	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/08/GHSA-rch7-f4h5-x9rj/GHSA-rch7-f4h5-x9rj.json	38.6.0
2026-05-31T00:51:53.792308+00:00	GHSA Importer	Fixing	VCID-8j73-v8ba-zqgq	https://github.com/advisories/GHSA-rch7-f4h5-x9rj	38.6.0
2026-05-30T20:53:20.753469+00:00	GitLab Importer	Fixing	VCID-wthq-784k-wuhy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/libp2p-secio/GMS-2018-2.yml	38.6.0