Vulnerabilities

GHSA-hm8f-75xx-w2vr

sigstore CSRF possibility in OIDC authentication during signing

26 Jan

GHSA-hhfg-fwrw-87w7

sigstore has insufficient validation of integration timestamp during verification

11 Dec 2024