7 matches found
EUVD-2023-0622
Malicious code in bioql PyPI...
EUVD-2023-0769
Malicious code in bioql PyPI...
CVE-2023-23625
go-unixfs is an implementation of a unix-like filesystem on top of an ipld merkledag. Trying to read malformed HAMT sharded directories can cause panics and virtual memory leaks. If you are reading untrusted user input, an attacker can then trigger a panic. This is caused by bogus fanout paramete...
CVE-2023-23631
github.com/ipfs/go-unixfsnode is an ADL IPLD prime node that wraps go-codec-dagpb's implementation of protobuf to enable pathing. In versions priot to 1.5.2 trying to read malformed HAMT sharded directories can cause panics and virtual memory leaks. If you are reading untrusted user input, an...
Design/Logic Flaw
go-unixfs is an implementation of a unix-like filesystem on top of an ipld merkledag. Trying to read malformed HAMT sharded directories can cause panics and virtual memory leaks. If you are reading untrusted user input, an attacker can then trigger a panic. This is caused by bogus fanout paramete...
PT-2023-19092 · Unknown · Go-Unixfsnode
Name of the Vulnerable Software and Affected Versions: go-unixfsnode versions prior to 1.5.2 Description: The issue is caused by a bogus fanout parameter in the HAMT directory nodes, which can lead to panics and virtual memory leaks when trying to read malformed HAMT sharded directories. If...
PT-2023-19085 · Go-Unixfs · Go-Unixfs
Name of the Vulnerable Software and Affected Versions: go-unixfs versions prior to 0.4.3 Description: The issue is caused by trying to read malformed HAMT sharded directories, which can lead to panics and virtual memory leaks. If untrusted user input is being read, an attacker can trigger a panic...