Skip to content

go-tuf Path Traversal in TAP 4 Multirepo Client Allows Arbitrary File Write via Malicious Repository Names

Moderate severity GitHub Reviewed Published Jan 26, 2026 in theupdateframework/go-tuf • Updated Jan 29, 2026
0 Open 0 Closed
Type
Filter by repository type
All
Public
Private
Internal
Sort
Sort by
Newest
Oldest

No open alerts for this advisory

Give feedback on Dependabot alerts