Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

gitsign — Vulnerabilities & Security Advisories 2

All 2 CVE vulnerabilities found in gitsign, with AI-generated Chinese analysis, references, and POCs.

Vendor: sigstore

CVE IDTitleCVSSSeverityPublished
CVE-2024-51746 Use of incorrect Rekor entries during verification in gitsign CWE-706 6.5 -2024-11-05
CVE-2023-47122 Gitsign's Rekor public keys fetched from upstream API instead of local TUF client. CWE-347 4.2 Medium2023-11-10

All 2 known CVE vulnerabilities affecting gitsign with full Chinese analysis, references, and POCs where available.