sigstore-python 安全漏洞

sigstore-python is a Python tool for generating and verifying Sigstore signatures from the sigstore open source. A security vulnerability exists in sigstore-python versions prior to 2.0.0 through 3.6.0, which stems from insufficient validation of integration time in v2 and v3 bundles, and can cau...