2 matches found
Sigstore 安全漏洞
Sigstore is an open-source software signature verification library developed by sigstore. Versions of Sigstore prior to 0.2.3 contained security vulnerabilities. These vulnerabilities stemmed from the improper propagation of failure messages during the verification process, which could lead to...
The vulnerability of the microprogramming software of the Cisco ASA security device allows a malicious individual to gain administrator privileges.
The vulnerability of Cisco ASA security devices’ microprogramming software lies in the improper handling of messages that occur during failures. Exploiting this vulnerability allows a malicious actor to remotely reconfigure the ASA device and then gain administrator privileges by sending speciall...