Vulnerability Report: GO-2025-4192
- CVE-2025-66564, GHSA-4qg8-fj49-pxjh
- Affects: github.com/sigstore/timestamp-authority, github.com/sigstore/timestamp-authority/v2
- Published: Dec 08, 2025
Sigstore Timestamp Authority allocates excessive memory during request parsing in github.com/sigstore/timestamp-authority
For detailed information about this vulnerability, visit https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh or https://nvd.nist.gov/vuln/detail/CVE-2025-66564.
Affected Packages
-
PathVersionsSymbols
Aliases
References
- https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh
- https://nvd.nist.gov/vuln/detail/CVE-2025-66564
- https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421
- https://vuln.go.dev/ID/GO-2025-4192.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.