github.com/theupdateframework/go-tuf security advisories | proxy.golang.org

Top 1.2% on proxy.golang.org
Top 0.2% dependent packages on proxy.golang.org
Top 0.2% dependent repos on proxy.golang.org
Top 2.7% forks on proxy.golang.org
Top 0.2% docker downloads on proxy.golang.org

proxy.golang.org : github.com/theupdateframework/go-tuf

Go implementation of The Update Framework (TUF)

Registry - Source - Documentation - JSON
purl: pkg:golang/github.com/theupdateframework/go-tuf
Keywords: go , golang , hacktoberfest , security , supply-chain , tuf
License: BSD-3-Clause
Latest release: over 1 year ago
First release: about 3 years ago
Namespace: github.com/theupdateframework
Dependent packages: 650
Dependent repositories: 1,148
Stars: 531 on GitHub
Forks: 92 on GitHub
Docker dependents: 388
Docker downloads: 385,444,345
See more repository details: repos.ecosyste.ms
Last synced: about 9 hours ago

Low

GSA_kwCzR0hTQS0zNjMzLTVoODItMzlwcc4AAu1W

Go-tuf Improperly handles multiple key IDs for the same public keys in attacker-controlled metadata
Ecosystems: go
Packages: github.com/theupdateframework/go-tuf
Source: github
Published: over 2 years ago

High

GSA_kwCzR0hTQS02NngzLTZjdzMtdjVnas4AAqwc

Improper Validation of Integrity Check Value in go-tuf
Ecosystems: go
Packages: github.com/theupdateframework/go-tuf
Source: github
Published: almost 3 years ago

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Packages

proxy.golang.org : github.com/theupdateframework/go-tuf

GSA_kwCzR0hTQS0zNjMzLTVoODItMzlwcc4AAu1W

GSA_kwCzR0hTQS02NngzLTZjdzMtdjVnas4AAqwc