6.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
25.2%
Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an attacker to spoof the list of archives.
borgbackup.readthedocs.io/en/stable/changes.html
www.securityfocus.com/bid/95205