Vulnerability Report: GO-2022-0503
- GHSA-9x4h-8wgm-8xfg
- Affects: github.com/ipld/go-car, github.com/ipld/go-car/v2
- Published: Jul 30, 2022
- Modified: Jun 12, 2023
Decoding malformed CAR data can cause panics or excessive memory usage.
For detailed information about this vulnerability, visit https://github.com/advisories/GHSA-9x4h-8wgm-8xfg.
Affected Packages
-
PathVersionsSymbols
-
before v0.4.0all symbols
-
before v0.4.0all symbols
-
from v2.0.0 before v2.4.0all symbols
-
from v2.0.0 before v2.4.0all symbols
-
from v2.0.0 before v2.4.0all symbols
Aliases
References
Feedback
See anything missing or incorrect?
Suggest an edit to this report.