github.com/sigstore/rekor is vulnerable to Denial Of Service (DoS). The vulnerability exists because the archive metadata file size is not checked before the files are read to memory which can lead to out of memory conditions resulting in an application crash.