Linux Distros Unpatched Vulnerability : CVE-2023-0842

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xml2js version 0.4.23 allows an external attacker to edit or add new properties to an object. This is possible because the application does not properly validat...

Access Restriction Bypass in go-ipfs

An issue was discovered in IPFS aka go-ipfs 0.4.23. An attacker can generate ephemeral identities Sybils and leverage the IPFS connection management reputation system to poison other nodes' routing tables, eclipsing the nodes that are the target of the attack from the rest of the network. Later...

GHSA-R23H-3JMW-Q7HR Access Restriction Bypass in go-ipfs

An issue was discovered in IPFS aka go-ipfs 0.4.23. An attacker can generate ephemeral identities Sybils and leverage the IPFS connection management reputation system to poison other nodes' routing tables, eclipsing the nodes that are the target of the attack from the rest of the network. Later...

CVE-2023-0842

xml2js version 0.4.23 allows an external attacker to edit or add new properties to an object. This is possible because the application does not properly validate incoming JSON keys, thus allowing the proto property to be edited...

Code injection

An issue was discovered in IPFS aka go-ipfs 0.4.23. An attacker can generate ephemeral identities Sybils and leverage the IPFS connection management reputation system to poison other nodes' routing tables, eclipsing the nodes that are the target of the attack from the rest of the network. Later...