Browse all 8 CVE security advisories affecting ipfs. AI-powered Chinese analysis, POCs, and references for each vulnerability.
IPFS is a distributed protocol designed for decentralized file storage and content addressing, enabling persistent data sharing without centralized servers. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and insecure default configurations. While no major public security incidents have been widely documented, the 8 recorded CVEs highlight potential risks in implementations. The protocol's decentralized nature reduces single points of failure but introduces complex attack surfaces across nodes. Security remains a concern, particularly for deployments handling sensitive data, requiring careful hardening and regular updates to mitigate identified weaknesses.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-25568 | Boxo bitswap/server: DOS unbounded persistent memory leak — boxoCWE-400 | 8.2 | High | 2023-05-10 |
This page lists every published CVE security advisory associated with ipfs. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.