Github.com/sigstore/rekor
This hub aggregates every CVE we track for Github.com/sigstore/rekor, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
0
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM3HIGH1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
0
0
0
0
0
2024-072026-06
Latest CVEs
The 4 most recently published vulnerabilities affecting Github.com/sigstore/rekor.
- CVE-2026-24117Rekor affected by Server-Side Request Forgery (SSRF) via provided public key URL5.3
- CVE-2026-23831Rekor COSE v0.0.1 Canonicalize crashes when passed empty Message5.3
- CVE-2023-33199malformed proposed intoto v0.0.2 entries can cause a panic in Rekor5.3
- CVE-2023-30551Rekor's compressed archives can result in OOM conditions7.5
Product normalization is registry-driven with AI assist and human review. How it works