CVE-2020-15163
CVE-2020-15163 affects the Python TUF (The Update Framework) reference implementation prior to 0.12, which could incorrectly trust a previously downloaded root metadata file that failed verification. An attacker capable of serving multiple new root-metadata versions (MITM) could culminate in a ve...