Scott113341

**Name of the Vulnerable Software and Affected Versions** go-ipfs-deps versions prior to 0.4.4 **Description** The issue allows for a MITM attack to compromise the integrity of the resources used by the go-ipfs-deps module, potentially leading to further compromise. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. The impact ranges from being able to read sensitive information to remote code execution. **Recommendations** Update to version 0.4.4 or later.