CVE-2024-55655 | sigstore-python up to 3.5.x Integration Time missing cryptographic step (GHSA-hhfg-fwrw-87w7)

Inserito da Angelo Barbosa | Dic 11, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in sigstore-python up to 3.5.x. This issue affects some unknown processing of the component Integration Time. The manipulation leads to missing cryptographic step.

The identification of this vulnerability is CVE-2024-55655. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-55655 | sigstore-python up to 3.5.x Integration Time missing cryptographic step (GHSA-hhfg-fwrw-87w7)

Post correlati

CVE-2024-4669 | Events Addon for Elementor Plugin up to 2.1.4 on WordPress Widgets cross site scripting

CVE-2024-20265 | Cisco Aironet Access Point Secure Boot trust boundary violation (cisco-sa-ap-secureboot-bypass-zT5vJkSD)

VDB-249085 | Google Cloud Platform StackDriver server-side request forgery

CVE-2024-1552 | Mozilla Firefox up to 122 on 32-bit ARM Remote Code Execution