CVE-2020-26283

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-26283

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-26283.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-26283

Aliases

Related

GHSA-r4gv-vj59-cccm

Published

2021-03-24T21:15:11Z

Modified

2025-01-15T01:45:38.385658Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0, control characters are not escaped from console output. This can result in hiding input from the user which could result in the user taking an unknown, malicious action. This is fixed in version 0.8.0.

References

Affected packages

Git / github.com/ipfs/go-ipfs

Affected ranges

Type: GIT
Repo: https://github.com/ipfs/go-ipfs
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

ce693d7e81e0206b3afbce30333c21a36a9f094b

Type: GIT
Repo: https://github.com/ipfs/kubo
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

fb0a9acd2d8288bd1028c3219a420de62a09683a

Fixed

fb0a9acd2d8288bd1028c3219a420de62a09683a

Affected versions

v0.*

v0.2.2

v0.2.2-buildfails

v0.2.3

v0.2.3-buildfails

v0.3.10

v0.3.11

v0.3.11-rc1

v0.3.2

v0.3.3

v0.3.3-buildfails

v0.3.4

v0.3.5

v0.3.6

v0.3.7

v0.3.8

v0.3.9

v0.4.0

v0.4.0-rc1

v0.4.0-rc2

v0.4.0-rc3

v0.4.1

v0.4.1-rc1

v0.4.10

v0.4.10-rc1

v0.4.11

v0.4.11-rc1

v0.4.11-rc2

v0.4.12

v0.4.12-rc1

v0.4.12-rc2

v0.4.13

v0.4.13-rc1

v0.4.14

v0.4.14-rc1

v0.4.14-rc2

v0.4.14-rc3

v0.4.15

v0.4.15-rc1

v0.4.16

v0.4.16-rc1

v0.4.16-rc2

v0.4.16-rc3

v0.4.17

v0.4.17-rc1

v0.4.18

v0.4.18-rc1

v0.4.18-rc2

v0.4.19

v0.4.19-rc1

v0.4.19-rc2

v0.4.2

v0.4.20

v0.4.20-rc1

v0.4.20-rc2

v0.4.21

v0.4.21-rc1

v0.4.21-rc2

v0.4.21-rc3

v0.4.22

v0.4.22-rc1

v0.4.23

v0.4.23-rc1

v0.4.23-rc2

v0.4.3

v0.4.3-dev

v0.4.3-rc1

v0.4.3-rc2

v0.4.3-rc3

v0.4.3-rc4

v0.4.4

v0.4.5

v0.4.5-pre1

v0.4.5-pre2

v0.4.5-rc1

v0.4.5-rc2

v0.4.5-rc3

v0.4.5-rc4

v0.4.6

v0.4.6-rc1

v0.4.7

v0.4.7-rc1

v0.4.8

v0.4.8-rc1

v0.4.9

v0.4.9-rc1

v0.4.9-rc2

v0.5.0

v0.5.0-rc1

v0.5.0-rc2

v0.5.0-rc3

v0.5.0-rc4

v0.5.1

v0.6.0

v0.6.0-rc1

v0.6.0-rc2

v0.6.0-rc3

v0.6.0-rc4

v0.6.0-rc5

v0.6.0-rc6

v0.6.0-rc7

v0.7.0

v0.7.0-rc1

v0.7.0-rc2

v0.8.0-rc1

v0.8.0-rc2