Vulnerabilities > Linuxfoundation > THE Update Framework > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-09 | CVE-2020-15163 | Insufficient Verification of Data Authenticity vulnerability in Linuxfoundation the Update Framework Python TUF (The Update Framework) reference implementation before version 0.12 it will incorrectly trust a previously downloaded root metadata file which failed verification at download time. | 4.9 |
| 2020-01-14 | CVE-2020-6173 | Resource Exhaustion vulnerability in Linuxfoundation the Update Framework TUF (aka The Update Framework) 0.7.2 through 0.12.1 allows Uncontrolled Resource Consumption. | 5.0 |