2 matches found
CVE-2020-26283
CVE-2020-26283 affects go-ipfs prior to v0.8.0, where control characters are not escaped in console output, potentially enabling a user to be tricked into performing unintended actions. The issue is clearly described across multiple sources (GitHub advisory GHSA-r4gv-vj59-cccm and OSV/CVE records...
CVE-2020-26279
The CVE-2020-26279 issue affects go-ipfs (Go implementation of IPFS): path traversal can occur when retrieving DAGs that contain relative paths, potentially overwriting files or writing to unintended output directories. The vulnerability manifests only during ipfs get operations on affected DAGs ...