Lucene search
+L

4 matches found

NVD
NVD
added 2020/07/09 7:15 p.m.27 views

CVE-2020-15093

The tough library Rust/crates.io prior to version 0.7.1 does not properly verify the threshold of cryptographic signatures. It allows an attacker to duplicate a valid signature in order to circumvent TUF requiring a minimum threshold of unique signatures before the metadata is considered valid. A...

8.6CVSS0.01357EPSS
Exploits0References4
OSV
OSV
added 2020/07/09 7:15 p.m.15 views

CVE-2020-15093

The tough library Rust/crates.io prior to version 0.7.1 does not properly verify the threshold of cryptographic signatures. It allows an attacker to duplicate a valid signature in order to circumvent TUF requiring a minimum threshold of unique signatures before the metadata is considered valid. A...

8.6CVSS9.3AI score
Exploits0References4
Cvelist
Cvelist
added 2020/07/09 6:45 p.m.33 views

CVE-2020-15093 Improper verification of signature threshold in tough

The tough library Rust/crates.io prior to version 0.7.1 does not properly verify the threshold of cryptographic signatures. It allows an attacker to duplicate a valid signature in order to circumvent TUF requiring a minimum threshold of unique signatures before the metadata is considered valid. A...

8.6CVSS9.1AI score0.01357EPSS
Exploits0References4
CVE
CVE
added 2020/07/09 6:45 p.m.71 views

CVE-2020-15093

The CVE-2020-15093 entry concerns the tough library (Rust/crates.io) prior to version 0.7.1, where the threshold of cryptographic signatures is not properly verified. This allows an attacker to duplicate a valid signature to bypass TUF’s minimum threshold of unique signatures before metadata is c...

8.6CVSS9AI score0.01357EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder