github.com/ipfs/go-bitfield is vulnerable to Denial of Service (DoS) attacks. The vulnerability is due to the size parameter in the NewBitfield
and FromBytes
functions, as an attacker is able to trigger panics via injecting untrusted user input . The vulnerability occurs when the size is a not a multiple of 8 or is negative.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/ipfs/go-bitfield | eq | v1.0.0 | |
github.com/ipfs/go-bitfield | eq | v1.0.0 |