Lucene search
Veracode Vulnerability DatabaseVERACODE:39248HistoryFeb 14, 2023 - 2:05 a.m.
Denial Of Service (DoS)
2023-02-1402:05:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
software vulnerability
dos
memory leaks
application crash
input data
hamt directory nodes
0.001 Low
EPSS
Percentile
38.0%
github.com/ipfs/go-unixfs is vulnerable to Denial Of Service (DoS). The vulnerability exists because hamt.go doesn’t properly handle malformed HAMT structures while reading data in the bogus fanout parameter in the HAMT directory nodes, which leads to memory leaks, allowing an attacker to cause an application crash through maliciously crafted input data.
Related
cve
cve
CVE-2023-23625
2023-02-09 21:15:11
prion
prion
Design/Logic Flaw
2023-02-09 21:15:00
cvelist
cvelist
CVE-2023-23625 Denial of service in HAMT Decoding in go-unixfs
2023-02-09 20:57:22
osv
osv
Denial of service via HAMT Decoding Panics
2023-02-10 23:08:06
Denial of service via HAMT decoding panic in github.com/ipfs/go-unixfs
2023-02-14 19:34:46
CVE-2023-23625
2023-02-09 21:15:11
nvd
nvd
CVE-2023-23625
2023-02-09 21:15:11
github
github
Denial of service via HAMT Decoding Panics
2023-02-10 23:08:06