Severity: Critical
CVSS Score: 9.1
Affected versions of `libp2p-secio` does not correctly verify that the `PeerId` of `DstPeer` matches the `PeerId` discovered in the crypto handshake, resulting in a high severity identity spoofing vulnerability. ## Recommendation Update to version 0.9.0 or later.