npm package
go-ipfs-dep
pkg:npm/go-ipfs-dep
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-10563 | Hig | 8.1 | < 0.4.4 | 0.4.4 | May 31, 2018 | During the installation process, the go-ipfs-deps module before 0.4.4 insecurely downloads resources over HTTP. This allows for a MITM attack to compromise the integrity of the resources used by this module and could allow for further compromise. |
- affected < 0.4.4fixed 0.4.4
During the installation process, the go-ipfs-deps module before 0.4.4 insecurely downloads resources over HTTP. This allows for a MITM attack to compromise the integrity of the resources used by this module and could allow for further compromise.