{"id":"PYSEC-2020-146","details":"TUF (aka The Update Framework) 0.7.2 through 0.12.1 allows Uncontrolled Resource Consumption.","aliases":["CVE-2020-6173","GHSA-2828-9vh6-9m6j"],"modified":"2023-11-08T04:03:56.811426Z","published":"2020-01-14T19:15:00Z","references":[{"type":"REPORT","url":"https://github.com/theupdateframework/tuf/issues/973"},{"type":"WEB","url":"https://github.com/theupdateframework/tuf/commits/develop"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-2828-9vh6-9m6j"}],"affected":[{"package":{"name":"tuf","ecosystem":"PyPI","purl":"pkg:pypi/tuf"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0.7.5"},{"fixed":"0.12.2"}]}],"versions":["0.7.5","0.9.8","0.9.9","0.10.0","0.10.1","0.10.2","0.11.dev0","0.11.0","0.11.1","0.11.2.dev1","0.11.2.dev2","0.11.2.dev3","0.12.dev0","0.12.dev1","0.12.dev2","0.12.0","0.12.1"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/tuf/PYSEC-2020-146.yaml"}}],"schema_version":"1.7.3"}