Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/03/29 10:44 p.m.18 views

CVE-2025-2886

Missing validation of terminating delegation causes the client to continue searching the defined delegation list, even after searching a terminating delegation. This could cause the client to fetch a target from an incorrect source, altering the target contents. Users should upgrade to tough...

5.7CVSS7.3AI score0.00307EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2025/03/28 10:13 p.m.3 views

tough-kms (>=0.2.0 <=0.5.0), tough-ssm (>=0.5.0 <=0.8.0) +1 more potentially affected by CVE-2025-2886 via tough (>=0.10.0 <=0.1.0)

tough CARGO version =0.10.0, =0.2.0, =0.5.0, =0.1.0, =0.9.0 Source cves: CVE-2025-2886 Source advisory: OSV:GHSA-V4WR-J3W6-MXQC...

5.7CVSS5.8AI score0.00307EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/03/27 10:22 p.m.5 views

CVE-2025-2886 Terminating targets role delegations are not respected in tough

Missing validation of terminating delegation causes the client to continue searching the defined delegation list, even after searching a terminating delegation. This could cause the client to fetch a target from an incorrect source, altering the target contents. Users should upgrade to tough...

5.7CVSS7.3AI score0.00307EPSS
Exploits0References3
CVE
CVE
added 2025/03/27 10:22 p.m.70 views

CVE-2025-2886

CVE-2025-2886 describes a flaw in the Amazon tough (TUF) client: missing validation of terminating delegations causes the client to continue searching the delegation list after a terminating delegation, potentially fetching a target from an incorrect source and altering contents. Affected softwar...

5.7CVSS6.7AI score0.00307EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/03/27 10:22 p.m.19 views

CVE-2025-2886 Terminating targets role delegations are not respected in tough

Missing validation of terminating delegation causes the client to continue searching the defined delegation list, even after searching a terminating delegation. This could cause the client to fetch a target from an incorrect source, altering the target contents. Users should upgrade to tough...

5.7CVSS0.00307EPSS
Exploits0References3
Rows per page
Query Builder