VYPR

Go modules package

github.com/ipfs/go-libipfs

pkg:golang/github.com/ipfs/go-libipfs

Vulnerabilities (1)

  • CVE-2023-25568May 10, 2023
    affected >= 0.5.0, < 0.6.0fixed 0.6.0

    Boxo, formerly known as go-libipfs, is a library for building IPFS applications and implementations. In versions 0.4.0 and 0.5.0, if an attacker is able allocate arbitrary many bytes in the Bitswap server, those allocations are lasting even if the connection is closed. This affec