📦 Tough

CVE-2021-41150 is a path traversal vulnerability in the Tough TUF library that allows attackers to overwrite arbitrary JSON files on the system when repositories are cached or loaded. This affects sys...

CVE-2021-41149 is a path traversal vulnerability in the Tough TUF library that allows attackers to overwrite arbitrary files on the system when caching repositories or saving targets. This affects all...

This vulnerability in the tough library allows attackers to supply arbitrary version numbers in root metadata files, potentially causing clients to fetch unintended versions of software packages. It a...

This vulnerability in the tough library allows clients to fetch target files from incorrect sources during delegated target rollbacks, potentially leading to altered file contents. It affects systems ...