3 matches found
SUSE CVE-2025-66564
Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, Function api.ParseJSONRequest currently splits via a call to strings.Split an optionally-provided OID which is untrusted data on periods. Similarly, function api.getContentType splits the Content-Type heade...
CVE-2025-66564 vulnerabilities
Vulnerabilities for packages: gitsign, aactl, neuvector-sigstore-interface, zarf, kyverno, zot, kubescape, gh, crossplane, tkn, cosign, docker-cli-buildx, policy-controller, witness, ko, tekton-chains, skaffold, spire-server, teleport, tflint, goreleaser, kyverno-notation-aws, sigstore-scaffoldin...
CVE-2025-66564
Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, Function api.ParseJSONRequest currently splits via a call to strings.Split an optionally-provided OID which is untrusted data on periods. Similarly, function api.getContentType splits the Content-Type heade...