Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

sigstore-python — Vulnerabilities & Security Advisories 2

All 2 CVE vulnerabilities found in sigstore-python, with AI-generated Chinese analysis, references, and POCs.

Vendor: sigstore

CVE IDTitleCVSSSeverityPublished
CVE-2026-24408 sigstore has CSRF possibility in OIDC authentication during signing CWE-352--2026-01-26
CVE-2024-55655 sigstore-python has insufficient validation of integration timestamp during verification CWE-20 6.5 -2024-12-10

All 2 known CVE vulnerabilities affecting sigstore-python with full Chinese analysis, references, and POCs where available.