Man-in-the-Middle (MitM)

Affecting github.com/ipfs/go-ipfs/config package, versions *

medium severity

Overview

Affected versions of github.com/ipfs/go-ipfs/config are vulnerable to Man-in-the-Middle (MitM) attacks, as it does not encrypt the private key.

You can read more about Man-in-the-Middle (MitM) on our blog.

Remediation

There is no fix version for github.com/ipfs/go-ipfs/config.

References

Do your applications use this vulnerable package?

Credit
Unknown
CWE
CWE-300
Snyk ID
SNYK-GOLANG-GITHUBCOMIPFSGOIPFSCONFIG-50054
Disclosed
19 Sep, 2014
Published
10 Jan, 2018