CVE-2020-26283 - go-ipfs is an open-source golang implementation of IPFS which is a global - CVEs Blog

go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0, control characters are not escaped from console output. This can result in hiding input from the user which could result in the user taking an unknown, malicious action. This is fixed in version 0.8.0.

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26283

Reference (s):

https://github.com/ipfs/go-ipfs/security/advisories/GHSA-r4gv-vj59-cccm
URL: https://github.com/ipfs/go-ipfs/security/advisories/GHSA-r4gv-vj59-cccm
https://github.com/ipfs/go-ipfs/commit/fb0a9acd2d8288bd1028c3219a420de62a09683a
URL: https://github.com/ipfs/go-ipfs/commit/fb0a9acd2d8288bd1028c3219a420de62a09683a
https://github.com/ipfs/go-ipfs/pull/7831

CVE-2020-26283 – go-ipfs is an open-source golang implementation of IPFS which is a global

Something Fresh

CVE-2004-1715 - Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 all

CVE-2020-27216 - In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 1

CVE-2020-27212 - STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect acce

What People Reading

CVE-2020-11610 - An issue was discovered in xdLocalStorage through 2.0.5. The postData() f

CVE-2020-27199 - The Magic Home Pro application 1.5.1 for Android allows Authentication By

CVE-2015-0320 - Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and

CVE-2004-1715 - Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 all

CVE-2020-27212 - STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect acce

Categories

Partners

Just add here your partners image or promo text