4 matches found
CVE-2025-61779
Confidential Containers's Trustee project contains tools and components for attesting confidential guests and providing secrets to them. In versions prior to 0.15.0, the attestation-policy endpoint didn't check if the kbs-client submitting the request was actually authenticated had the right key...
EUVD-2025-33556
Confidential Containers's Trustee project contains tools and components for attesting confidential guests and providing secrets to them. In versions prior to 0.15.0, the attestation-policy endpoint didn't check if the kbs-client submitting the request was actually authenticated had the right key...
CVE-2025-61779 Trustee's attestation-policy endpoint is not protected by admin autentication
Confidential Containers's Trustee project contains tools and components for attesting confidential guests and providing secrets to them. In versions prior to 0.15.0, the attestation-policy endpoint didn't check if the kbs-client submitting the request was actually authenticated had the right key...
CVE-2025-61779
The CVE-2025-61779 issue affects Confidential Containers' Trustee project. In versions before 0.15.0, the attestation-policy endpoint did not verify that the kbs-client submitting a request was actually authenticated, allowing an unauthenticated client to change the attestation policy. The vulner...