Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Path traversal
Vulnerability Description
go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0-rc1, it is possible for path traversal to occur with DAGs containing relative paths during retrieval. This can cause files to be overwritten, or written to incorrect output directories. The issue can only occur when a get is done on an affected DAG. This is fixed in version 0.8.0-rc1.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Steven Allen go-ipfs 路径遍历漏洞
Vulnerability Description
Steven Allen go-ipfs是 Steven Allen开源的一个应用程序。一个全局的,版本化的对等文件系统。 go-ipfs before version 0.8.0-rc1 存在安全漏洞,检索过程中可能会使用包含相对路径的dag进行路径遍历。这可能会导致文件被覆盖,或写入到不正确的输出目录。
CVSS Information
N/A
Vulnerability Type
N/A