Skip to content

github.com/cosmos/ibc-go affected by IBC protocol "Huckleberry" vulnerability

Moderate severity GitHub Reviewed Published May 20, 2024 to the GitHub Advisory Database • Updated May 23, 2024

Package

gomod github.com/cosmos/ibc-go (Go)

Affected versions

<= 1.5.0

Patched versions

None
gomod github.com/cosmos/ibc-go/v2 (Go)
<= 2.5.0
None
gomod github.com/cosmos/ibc-go/v3 (Go)
<= 3.4.0
None
gomod github.com/cosmos/ibc-go/v4 (Go)
< 4.1.3
>= 4.2.0, < 4.2.2
>= 4.3.0, < 4.3.1
>= 4.4.0, < 4.4.1
4.1.3
4.2.2
4.3.1
4.4.1
gomod github.com/cosmos/ibc-go/v5 (Go)
< 5.2.1
>= 5.3.0, < 5.3.1
5.2.1
5.3.1
gomod github.com/cosmos/ibc-go/v6 (Go)
< 6.1.1
6.1.1
gomod github.com/cosmos/ibc-go/v7 (Go)
< 7.0.1
7.0.1

Description

The ibc-go module is affected by the Inter-Blockchain Communication (IBC) protocol "Huckleberry" vulnerability.

References

Published to the GitHub Advisory Database May 20, 2024
Reviewed May 20, 2024
Last updated May 23, 2024

Severity

Moderate

Weaknesses

No CWEs

CVE ID

No known CVE

GHSA ID

GHSA-qjcv-rx3v-7mvj

Source code

Checking history
See something to contribute? Suggest improvements for this vulnerability.