Описание
go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0, control characters are not escaped from console output. This can result in hiding input from the user which could result in the user taking an unknown, malicious action. This is fixed in version 0.8.0.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.8.0 (исключая)
cpe:2.3:a:protocol:go-ipfs:*:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00858
Низкий
6.8 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-116
Связанные уязвимости
CVSS3: 6.8
debian
почти 5 лет назад
go-ipfs is an open-source golang implementation of IPFS which is a glo ...
CVSS3: 6.8
github
больше 4 лет назад
Control character injection in console output in github.com/ipfs/go-ipfs
EPSS
Процентиль: 75%
0.00858
Низкий
6.8 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-116