Browse all 8 CVE security advisories affecting ipfs. AI-powered Chinese analysis, POCs, and references for each vulnerability.
IPFS is a distributed protocol designed for decentralized file storage and content addressing, enabling persistent data sharing without centralized servers. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and insecure default configurations. While no major public security incidents have been widely documented, the 8 recorded CVEs highlight potential risks in implementations. The protocol's decentralized nature reduces single points of failure but introduces complex attack surfaces across nodes. Security remains a concern, particularly for deployments handling sensitive data, requiring careful hardening and regular updates to mitigate identified weaknesses.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-26283 | Control character injection in console output — go-ipfsCWE-116 | 6.8 | Medium | 2021-03-24 |
| CVE-2020-26279 | Path traversal — go-ipfsCWE-22 | 7.7 | High | 2021-03-24 |
This page lists every published CVE security advisory associated with ipfs. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.