PT-2024-36570
Name of the Vulnerable Software and Affected Versions sigstore-python versions 2.0.0 through 3.6.0 Description The issue concerns insufficient validation of the "integration time" in "v2" and "v3" bundles during the verification flow. This affects versions of sigstore-python newer than 2.0.0 but...