Описание
Control character injection in console output in github.com/ipfs/go-ipfs
Impact
Control characters are not escaped from console output. This can result in hiding input from the user which could result in the user taking an unknown, malicious action.
Patches
- Patched via https://github.com/ipfs/go-ipfs/pull/7831 in v0.8.0
For more information
If you have any questions or comments about this advisory:
- Open an issue in go-ipfs
- Email us at security@ipfs.io
Пакеты
github.com/ipfs/go-ipfs
< 0.8.0
0.8.0
Связанные уязвимости
go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0, control characters are not escaped from console output. This can result in hiding input from the user which could result in the user taking an unknown, malicious action. This is fixed in version 0.8.0.
go-ipfs is an open-source golang implementation of IPFS which is a glo ...