github.com/ipfs/go-ipfs

Go3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/ipfs/go-ipfspage 1 of 1

CVE-2020-10937HIGHCVSS 7.5EG 7.5✓ Fixed in 0.7.0
2020-11-02
An issue was discovered in IPFS (aka go-ipfs) 0.4.23. An attacker can generate ephemeral identities (Sybils) and leverage the IPFS connection management reputation system to poison other nodes' routing tables, eclipsing the nodes that are …
CVE-2020-26279HIGHCVSS 7.7EG 7.7✓ Fixed in 0.8.0
2021-03-24
go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0-rc1, it is possible for path traversal to occur with DAGs containing relative paths during retri…
CVE-2020-26283MEDIUMCVSS 6.8EG 6.8✓ Fixed in 0.8.0
2021-03-24
go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0, control characters are not escaped from console output. This can result in hiding input from th…

Check whether github.com/ipfs/go-ipfs is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/ipfs/go-ipfs CVEs against the assets you own.

Start Free Scan →