Lucene search
+L

6 matches found

NVD
NVD
added 2022/12/08 10:15 p.m.54 views

CVE-2022-23495

go-merkledag implements the 'DAGService' interface and adds two ipld node types, Protobuf and Raw for the ipfs project. A ProtoNode may be modified in such a way as to cause various encode errors which will trigger a panic on common method calls that don't allow for error returns. A ProtoNode...

7.5CVSS0.01254EPSS
Exploits0References9
Prion
Prion
added 2022/12/08 10:15 p.m.19 views

Input validation

go-merkledag implements the 'DAGService' interface and adds two ipld node types, Protobuf and Raw for the ipfs project. A ProtoNode may be modified in such a way as to cause various encode errors which will trigger a panic on common method calls that don't allow for error returns. A ProtoNode...

5CVSS7.4AI score0.01254EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2022/12/08 9:25 p.m.49 views

CVE-2022-23495 ProtoNode may be modified such that common method calls may panic in ipfs/go-merkledag

go-merkledag implements the 'DAGService' interface and adds two ipld node types, Protobuf and Raw for the ipfs project. A ProtoNode may be modified in such a way as to cause various encode errors which will trigger a panic on common method calls that don't allow for error returns. A ProtoNode...

7.5CVSS7.6AI score0.01254EPSS
Exploits0References9
CVE
CVE
added 2022/12/08 9:25 p.m.107 views

CVE-2022-23495

CVE-2022-23495 concerns go-merkledag where a modified or decoded ProtoNode can be placed into an unencodeable form, causing encode errors that panic on calls that do not return errors. This behavior is tied to the DAGService/IPLD node handling and may be triggered by inputs using a non-validated ...

7.5CVSS7.4AI score0.01254EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2022/12/08 9:25 p.m.42 views

CVE-2022-23495 ProtoNode may be modified such that common method calls may panic in ipfs/go-merkledag

go-merkledag implements the 'DAGService' interface and adds two ipld node types, Protobuf and Raw for the ipfs project. A ProtoNode may be modified in such a way as to cause various encode errors which will trigger a panic on common method calls that don't allow for error returns. A ProtoNode...

7.5CVSS7.3AI score0.01254EPSS
Exploits0References11
CNNVD
CNNVD
added 2022/12/08 12:0 a.m.7 views

go-merkledag 安全漏洞

go-merkledag is an IPFS open source library . It implements the DAGService interface. A security vulnerability exists in go-merkledag that stems from the possibility that its ProtoNode could be modified in a way that causes various coding errors that would trigger panics on common method calls th...

7.5CVSS7.2AI score0.01254EPSS
Exploits0References10
Rows per page
Query Builder