3 matches found
SUSE CVE-2025-66564
Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, Function api.ParseJSONRequest currently splits via a call to strings.Split an optionally-provided OID which is untrusted data on periods. Similarly, function api.getContentType splits the Content-Type heade...
CVE-2025-66564 vulnerabilities
Vulnerabilities for packages: aactl, kyverno, vexctl, gitsign, teleport, crossplane, policy-controller, kyverno-notation-aws, zarf, skaffold, tkn, zot, cosign, ko, sigstore-scaffolding, kubescape, tflint, neuvector-sigstore-interface, docker-cli-buildx, falcoctl, goreleaser, tekton-chains, gh,...
CVE-2025-66564
Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, Function api.ParseJSONRequest currently splits via a call to strings.Split an optionally-provided OID which is untrusted data on periods. Similarly, function api.getContentType splits the Content-Type heade...