3.1.0
7 months ago
7 months ago
Known vulnerabilities in the org.webjars.npm:sigstore package. This does not include vulnerabilities belonging to this package’s dependencies.
Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
org.webjars.npm:sigstore is a code-signing for npm packages Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to the How to fix Improper Verification of Cryptographic Signature? There is no fixed version for | [0,) |