Sigstore Sigstore-go
2 CVEs affecting Sigstore Sigstore-go. Latest disclosed: 2026-07-17. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-49834 | Medium | 5.9 | 2026-07-17 | sigstore-go is a Go library for Sigstore signing and verification. Prior to 1.2.0, a verifier configured with WithTransparencyLog(N>1) or WithSignedCertificate… |
CVE-2024-45395 | Low | 3.1 | 2024-09-04 | sigstore-go, a Go library for Sigstore signing and verification, is susceptible to a denial of service attack in versions prior to 0.6.1 when a verifier is pro… |