2 matches found
CVE-2024-51746
Gitsign is a keyless Sigstore to signing tool for Git commits with your a GitHub / OIDC identity. gitsign may select the wrong Rekor entry to use during online verification when multiple entries are returned by the log. gitsign uses Rekor's search API to fetch entries that apply to a signature...
Microsoft Research JavaScript Cryptography Library Security Bypass Vulnerability
Microsoft Research JavaScript Cryptography Library is a JavaScript cryptography library for cloud services from Microsoft USA that supports RSA encryption/decryption, AES-CBC encryption/decryption and GCM encryption/decryption. A security bypass vulnerability exists in the Microsoft Research...