All 2 CVE vulnerabilities found in timestamp-authority, with AI-generated Chinese analysis, references, and POCs.
Vendor: sigstore
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-39984 | Sigstore Timestamp Authority has Improper Certificate Validation in verifier CWE-295 | 5.5 | Medium | 2026-04-14 |
| CVE-2025-66564 | Sigstore Timestamp Authority allocates excessive memory during request parsing CWE-405 | 7.5 | High | 2025-12-04 |
All 2 known CVE vulnerabilities affecting timestamp-authority with full Chinese analysis, references, and POCs where available.