Zhang Lei

Name of the Vulnerable Software and Affected Versions: py-libp2p versions prior to 0.2.3 Description: py-libp2p versions prior to 0.2.3 are susceptible to a denial of service (resource consumption) issue. This occurs when a peer sends a large RSA key. Recommendations: Update py-libp2p to version 0.2.3 or later.

**Name of the Vulnerable Software and Affected Versions** SECRIL versions prior to SMR Jun-2022 Release 1 **Description** The issue is related to an improper input validation check logic, which allows attackers to trigger a crash. **Recommendations** For versions prior to SMR Jun-2022 Release 1, update to SMR Jun-2022 Release 1 or later to resolve the issue.