Количество 2
Количество 2
CVE-2025-2886
Missing validation of terminating delegation causes the client to continue searching the defined delegation list, even after searching a terminating delegation. This could cause the client to fetch a target from an incorrect source, altering the target contents. Users should upgrade to tough version 0.20.0 or later and ensure any forked or derivative code is patched to incorporate the new fixes.
GHSA-v4wr-j3w6-mxqc
tough terminating targets role delegations are not respected
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-2886 Missing validation of terminating delegation causes the client to continue searching the defined delegation list, even after searching a terminating delegation. This could cause the client to fetch a target from an incorrect source, altering the target contents. Users should upgrade to tough version 0.20.0 or later and ensure any forked or derivative code is patched to incorporate the new fixes. | CVSS3: 4.5 | 0% Низкий | 11 месяцев назад |
| GHSA-v4wr-j3w6-mxqc tough terminating targets role delegations are not respected | CVSS3: 4.2 | 0% Низкий | 11 месяцев назад |
Уязвимостей на страницу