Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-77hh-43cm-v8j6
  • PyPI/tuf
 tuf's Metadata API: Targets.get_delegated_role() is missing input validation 16 Feb 2024
  • Fix available
GHSA-r7vq-6425-j94w
  • PyPI/tuf
 Python-TUF vulnerable to incorrect threshold signature computation for new root metadata 15 Sep 2022
  • Fix available
GHSA-wjw6-2cqr-j4qr
  • PyPI/tuf
 Client metadata path-traversal 19 Oct 2021
  • Fix available
  • Severity - 6.9 (Medium)
PYSEC-2021-376
  • PyPI/tuf
  • github.com/theupdateframework/python-tuf
 See record for full details 19 Oct 2021
  • Fix available
PYSEC-2020-145
  • PyPI/tuf
  • github.com/theupdateframework/tuf
 See record for full details 09 Sep 2020
  • Fix available
GHSA-f8mr-jv2c-v8mg
  • PyPI/tuf
 Invalid root may become trusted root in The Update Framework (TUF) 09 Sep 2020
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-2828-9vh6-9m6j
  • PyPI/tuf
 Client Denial of Service on TUF 21 Aug 2020
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-pwqf-9h7j-7mv8
  • PyPI/tuf
 Incorrect threshold signature computation in TUF 21 Aug 2020
  • Fix available
  • Severity - 9.3 (Critical)
PYSEC-2020-147
  • PyPI/tuf
 See record for full details 05 Feb 2020
  • Fix available
PYSEC-2020-146
  • PyPI/tuf
 See record for full details 14 Jan 2020
  • Fix available