Base library for Sigstore
95%
Total Score
76
100
100
100
100
| Title | Versions | Severity |
|---|---|---|
CVE-2026-48758 @sigstore/core is vulnerable to Improper Verification of Cryptographic Signature in versions 0.0.0 - 3.2.0. | 0.0.0 - 3.2.0 | Medium |
No direct dependencies.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant