Vulnerabilities > Protocol > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-12-19 CVE-2022-47547 Improper Preservation of Permissions vulnerability in Protocol Gossipsub 1.1
GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not be pruned from the network) even though it continuously misbehaves by never forwarding topic messages.
network
low complexity
protocol CWE-281
5.3
2021-03-24 CVE-2020-26283 Improper Encoding or Escaping of Output vulnerability in Protocol Go-Ipfs
go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem.
network
low complexity
protocol CWE-116
6.5
2021-03-24 CVE-2020-26279 Path Traversal vulnerability in Protocol Go-Ipfs
go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem.
network
low complexity
protocol CWE-22
5.5
2020-11-02 CVE-2020-10937 Unspecified vulnerability in Protocol Ipfs 0.4.23
An issue was discovered in IPFS (aka go-ipfs) 0.4.23.
network
low complexity
protocol
5.0