2 matches found
GHSA-8XVP-7HJ6-MCJ9 GitHub CLI has an incorrect authorization header in API requests to TUF repository mirrors via `gh attestation`, `gh release verify`, and `gh release verify-asset` commands
Summary GitHub CLI incorrectly includes an authorization header in API requests to TUF repository mirrors via gh attestation, gh release verify, and gh release verify-asset commands. Affected users: - Authenticated github.com users who previously ran gh attestation commands, gh release verify, or...
trustee 授权问题漏洞
trustee is a component of Confidential Containers open source. An Authorization Problem vulnerability exists in trustee prior to version 0.8.2, which stems from the fact that an ART Attestation Results Token token generated by the AS may be manipulated by a MITM attacker, but can still be...