Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:12 a.m.6 views

CVE-2023-23625

go-unixfs is an implementation of a unix-like filesystem on top of an ipld merkledag. Trying to read malformed HAMT sharded directories can cause panics and virtual memory leaks. If you are reading untrusted user input, an attacker can then trigger a panic. This is caused by bogus fanout paramete...

7.5CVSS6.6AI score0.00675EPSS
Exploits0References1
OSV
OSV
added 2023/02/14 7:34 p.m.21 views

GO-2023-1557 Denial of service via HAMT decoding panic in github.com/ipfs/go-unixfs

Trying to read malformed HAMT sharded directories can cause panics and virtual memory leaks. If you are reading untrusted user input, an attacker can then trigger a panic. This is caused by bogus "fanout" parameter in the HAMT directory nodes. A workaround is to not feed untrusted user data to th...

7.5CVSS6.2AI score0.00675EPSS
Exploits0References2
NVD
NVD
added 2023/02/09 9:15 p.m.17 views

CVE-2023-23625

go-unixfs is an implementation of a unix-like filesystem on top of an ipld merkledag. Trying to read malformed HAMT sharded directories can cause panics and virtual memory leaks. If you are reading untrusted user input, an attacker can then trigger a panic. This is caused by bogus fanout paramete...

7.5CVSS6.1AI score0.00675EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/02/09 8:57 p.m.8 views

CVE-2023-23625 Denial of service in HAMT Decoding in go-unixfs

go-unixfs is an implementation of a unix-like filesystem on top of an ipld merkledag. Trying to read malformed HAMT sharded directories can cause panics and virtual memory leaks. If you are reading untrusted user input, an attacker can then trigger a panic. This is caused by bogus fanout paramete...

5.9CVSS6.6AI score0.00675EPSS
Exploits0References2
OSV
OSV
added 2023/02/09 8:57 p.m.22 views

CVE-2023-23625 Denial of service in HAMT Decoding in go-unixfs

go-unixfs is an implementation of a unix-like filesystem on top of an ipld merkledag. Trying to read malformed HAMT sharded directories can cause panics and virtual memory leaks. If you are reading untrusted user input, an attacker can then trigger a panic. This is caused by bogus fanout paramete...

5.9CVSS7.4AI score0.00675EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/02/09 8:57 p.m.25 views

CVE-2023-23625 Denial of service in HAMT Decoding in go-unixfs

go-unixfs is an implementation of a unix-like filesystem on top of an ipld merkledag. Trying to read malformed HAMT sharded directories can cause panics and virtual memory leaks. If you are reading untrusted user input, an attacker can then trigger a panic. This is caused by bogus fanout paramete...

5.9CVSS7.6AI score0.00675EPSS
Exploits0References2
CVE
CVE
added 2023/02/09 8:57 p.m.63 views

CVE-2023-23625

CVE-2023-23625 affects go-unixfs, an implementation atop ipld merkledag. A malformed HAMT sharded directory with a bogus fanout parameter can trigger panics and virtual memory leaks when decoding untrusted input. Affected version is prior to 0.4.3; upgrade to 0.4.3 or apply safe decoding practice...

7.5CVSS6.3AI score0.00675EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/02/09 12:0 a.m.2 views

PT-2023-19085 · Go-Unixfs · Go-Unixfs

Name of the Vulnerable Software and Affected Versions: go-unixfs versions prior to 0.4.3 Description: The issue is caused by trying to read malformed HAMT sharded directories, which can lead to panics and virtual memory leaks. If untrusted user input is being read, an attacker can trigger a panic...

7.5CVSS7.1AI score0.00675EPSS
Exploits0References10
CNNVD
CNNVD
added 2023/02/09 12:0 a.m.4 views

go-unixfs 资源管理错误漏洞

go-unixfs is an implementation of a unix-like filesystem utility on top of ipld merkledag. A resource management error vulnerability exists in go-unixfs versions prior to 0.4.3, which stems from an attempt to read an incorrectly formatted HAMT slice directory that could lead to panic and virtual...

7.5CVSS7.3AI score0.00675EPSS
Exploits0References4
Rows per page
Query Builder