Sigstore Sigstore-go

2 CVEs affecting Sigstore Sigstore-go. Latest disclosed: 2026-07-17. Critical: 0, High: 0.

Top CVEs affecting Sigstore Sigstore-go
CVESeverityScorePublishedSummary
CVE-2026-49834Medium5.92026-07-17sigstore-go is a Go library for Sigstore signing and verification. Prior to 1.2.0, a verifier configured with WithTransparencyLog(N>1) or WithSignedCertificate…
CVE-2024-45395Low3.12024-09-04sigstore-go, a Go library for Sigstore signing and verification, is susceptible to a denial of service attack in versions prior to 0.6.1 when a verifier is pro…