Lucene search

8 matches found

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2024-2931

Malicious code in bioql PyPI...

CVSS 8.2 · AI score 7.9 · EPSS 0.00486
Exploits 0 · References 8

Tenable Nessus
added 2025/09/10 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2024-47534

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - go-tuf is a Go implementation of The Update Framework TUF. The go-tuf client inconsistently traces the delegations. For example, if targets delegate to A, and t...

CVSS 8.2 · AI score 7.1 · EPSS 0.00486
Exploits 0 · References 2

Github Security Blog
added 2024/10/01 6:13 p.m. · 28 views

Incorrect delegation lookups can make go-tuf download the wrong artifact

During the ongoing work on the TUF conformance test suite, we have come across a test that reveals what we believe is a bug in go-tuf with security implications. The bug exists in go-tuf delegation tracing and could result in downloading the wrong artifact. We have come across this issue in the...

CVSS 8.2 · AI score 6.8 · EPSS 0.00486
Exploits 0 · References 8 · Affected Software 1

OSV
added 2024/10/01 6:13 p.m. · 13 views

GHSA-4F8R-QQR9-FQ8J Incorrect delegation lookups can make go-tuf download the wrong artifact

During the ongoing work on the TUF conformance test suite, we have come across a test that reveals what we believe is a bug in go-tuf with security implications. The bug exists in go-tuf delegation tracing and could result in downloading the wrong artifact. We have come across this issue in the...

CVSS 8.7 · AI score 9.3 · EPSS 0.00486
Exploits 0 · References 8

NVD
added 2024/10/01 4:15 p.m. · 17 views

CVE-2024-47534

go-tuf is a Go implementation of The Update Framework TUF. The go-tuf client inconsistently traces the delegations. For example, if targets delegate to "A", and to "B", and "B" delegates to "C", then the client should trace the delegations in the order "A" then "B" then "C" but it may incorrectly...

CVSS 8.2 · EPSS 0.00486
Exploits 0 · References 5

OSV
added 2024/10/01 4:15 p.m. · 1 views

UBUNTU-CVE-2024-47534

go-tuf is a Go implementation of The Update Framework TUF. The go-tuf client inconsistently traces the delegations. For example, if targets delegate to "A", and to "B", and "B" delegates to "C", then the client should trace the delegations in the order "A" then "B" then "C" but it may incorrectly...

CVSS 8.2 · AI score 7.1 · EPSS 0.00486
Exploits 0 · References 6

Debian CVE
added 2024/10/01 3:17 p.m. · 3 views

CVE-2024-47534

go-tuf is a Go implementation of The Update Framework TUF. The go-tuf client inconsistently traces the delegations. For example, if targets delegate to "A", and to "B", and "B" delegates to "C", then the client should trace the delegations in the order "A" then "B" then "C" but it may incorrectly...

CVSS 8.2 · AI score 7.5 · EPSS 0.00486
Exploits 0

Positive Technologies
added 2024/10/01 12:0 a.m. · 5 views

PT-2024-32647 · Go-Tuf +1 · Go-Tuf +1

Name of the Vulnerable Software and Affected Versions: go-tuf versions prior to 2.0.1
Description: The go-tuf client inconsistently traces the delegations, which can result in downloading the wrong artifact. For example, if targets delegate to "A" and "B", and "B" delegates to "C", the client...

CVSS 9.9 · AI score 6.1 · EPSS 0.97781
Exploits 21 · References 144