GHSA-qjcv-rx3v-7mvj: github.com/cosmos/ibc-go affected by IBC protocol "Huckleberry" vulnerability

May 20, 2024

The ibc-go module is affected by the Inter-Blockchain Communication (IBC) protocol “Huckleberry” vulnerability.

References

forum.cosmos.network/t/ibc-security-advisory-huckleberry/10731
github.com/advisories/GHSA-qjcv-rx3v-7mvj
github.com/cosmos/ibc-go
github.com/cosmos/ibc-go/issues/1532
github.com/cosmos/ibc-go/releases/tag/v6.1.1
pkg.go.dev/vuln/GO-2023-1860

Code Behaviors & Features

Detect and mitigate GHSA-qjcv-rx3v-7mvj with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →