Security Advisory

CVE-2024-47534

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-01 15:17:47

Last updated 2024-11-21 16:56:38

Assigner GitHub_M

State PUBLISHED

Description

go-tuf is a Go implementation of The Update Framework (TUF). The go-tuf client inconsistently traces the delegations. For example, if targets delegate to "A", and to "B", and "B" delegates to "C", then the client should trace the delegations in the order "A" then "B" then "C" but it may incorrectly trace the delegations "B"->"C"->"A". This vulnerability is fixed in 2.0.1.

← Browse all CVEs View on cve.org ↗