CVE-2025-64186
The CVE concerns the evervault-go SDK used for enclave attestation. A vulnerability in versions prior to 1.3.2 allowed incomplete attestation documents to pass validation, potentially causing a client to trust an enclave operator that does not meet integrity guarantees. The issue centers on insuf...