pkg:PyPI/sigstore
2 total CVEs
✅ Check your installed version
All known vulnerabilities
NONE0.0CVE-2026-24408sigstore CSRF possibility in OIDC authentication during signing from 0, < 4.2.0
—CVE-2024-55655sigstore has insufficient validation of integration timestamp during verification >= 2.0.0, < 3.6.0