CLEANSTART-2026-NV36169
See a problem?- Import Source
- https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-NV36169.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLEANSTART-2026-NV36169
- Upstream
- Published
- 2026-04-01T09:33:48.680625Z
- Modified
- 2026-04-01T18:49:03.555325Z
- Summary
- Security fixes for CVE-2025-61732, CVE-2025-66564, CVE-2025-68121, CVE-2026-24686, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, ghsa-fcv2-xgw5-pqxf applied in versions: 0.7.29-r1, 0.7.29-r2
- Details
-
Multiple security vulnerabilities affect the sigstore-scaffolding package. These issues are resolved in later releases. See references for individual vulnerability details.
- References
-
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NV36169.json
- https://osv.dev/vulnerability/CVE-2025-61732
- https://osv.dev/vulnerability/CVE-2025-66564
- https://osv.dev/vulnerability/CVE-2025-68121
- https://osv.dev/vulnerability/CVE-2026-24686
- https://osv.dev/vulnerability/CVE-2026-25679
- https://osv.dev/vulnerability/CVE-2026-26958
- https://osv.dev/vulnerability/CVE-2026-27139
- https://osv.dev/vulnerability/CVE-2026-27142
- https://osv.dev/vulnerability/ghsa-fcv2-xgw5-pqxf
- https://nvd.nist.gov/vuln/detail/CVE-2025-61732
- https://nvd.nist.gov/vuln/detail/CVE-2025-66564
- https://nvd.nist.gov/vuln/detail/CVE-2025-68121
- https://nvd.nist.gov/vuln/detail/CVE-2026-24686
- https://nvd.nist.gov/vuln/detail/CVE-2026-25679
- https://nvd.nist.gov/vuln/detail/CVE-2026-26958
- https://nvd.nist.gov/vuln/detail/CVE-2026-27139
- https://nvd.nist.gov/vuln/detail/CVE-2026-27142