VYPR

Go modules package

github.com/sigstore/timestamp-authority

pkg:golang/github.com/sigstore/timestamp-authority

Vulnerabilities (1)

  • CVE-2025-66564Dec 4, 2025
    affected < 2.0.3fixed 2.0.3

    Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, Function api.ParseJSONRequest currently splits (via a call to strings.Split) an optionally-provided OID (which is untrusted data) on periods. Similarly, function api.getContentType splits t