GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
8 advisories
github.com/ipfs/kubo affected by DOS Bitswap unbounded persistent memory leak
Moderate
GHSA-qvqg-6rp8-4p9h
was published
for
github.com/ipfs/kubo
(Go)
May 11, 2023
github.com/ipfs/go-bitswap vulnerable to DOS unbounded persistent memory leak
High
GHSA-q3j6-22wf-3jh9
was published
for
github.com/ipfs/go-bitswap
(Go)
May 11, 2023
Boxo bitswap/server: DOS unbounded persistent memory leak
High
CVE-2023-25568
was published
for
github.com/ipfs/go-libipfs
(Go)
May 11, 2023
Denial of service via HAMT Decoding Panics
Moderate
CVE-2023-23625
was published
for
github.com/ipfs/go-unixfs
(Go)
Feb 10, 2023
IPFS go-unixfsnode subject to DOS via HAMT Decoding Panics
High
CVE-2023-23631
was published
for
github.com/ipfs/go-unixfsnode
(Go)
Feb 10, 2023
IPFS go-bitfield vulnerable to DoS via malformed size arguments
Moderate
CVE-2023-23626
was published
for
github.com/ipfs/go-bitfield
(Go)
Feb 10, 2023
DOS and excessive memory usage when passing untrusted user input to to dag import
Moderate
GHSA-f2gr-7299-487h
was published
for
github.com/ipfs/go-ipfs
(Go)
Jul 6, 2022
Malformed CAR panics and excessive memory usage
Moderate
GHSA-9x4h-8wgm-8xfg
was published
for
github.com/ipld/go-car
(Go)
Jul 6, 2022
ProTip!
Advisories are also available from the
GraphQL API