← All advisories

Moderate severityNVD Advisory· Published Jan 14, 2020· Updated Aug 4, 2024

CVE-2020-6173

CVE-2020-6173

Description

TUF (aka The Update Framework) 0.7.2 through 0.12.1 allows Uncontrolled Resource Consumption.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
tufPyPI	>= 0.7.2, < 0.12.2	0.12.2

Affected products

2

TUF/TUFdescription
ghsa-coords
pkg:pypi/tuf
Range: >= 0.7.2, < 0.12.2

Patches

Vulnerability mechanics

References

6

github.com/advisories/GHSA-2828-9vh6-9m6jghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2020-6173ghsaADVISORY
github.com/pypa/advisory-database/tree/main/vulns/tuf/PYSEC-2020-146.yamlghsaWEB
github.com/theupdateframework/tuf/commits/developghsax_refsource_MISCWEB
github.com/theupdateframework/tuf/issues/973ghsax_refsource_MISCWEB
github.com/theupdateframework/tuf/security/advisories/GHSA-2828-9vh6-9m6jghsaWEB

News mentions

0

No linked articles in our index yet.