CVE-2025-70887 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An issue in ralphje Signify before v.0.9.2 allows a remote attacker to escalate privileges via the signed_data.py and the context.py components
High CVSS: 8.8

CVE-2025-70887

An issue in ralphje Signify before v.0.9.2 allows a remote attacker to escalate privileges via the signed_data.py and the context.py components
Vendor
Ralphje
Product
Signify
CWE
CWE-269
Yayın Tarihi
2026-03-25 19:16:28
Güncelleme
2026-04-01 13:59:07
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-269 Signify HIGH Ralphje 2026

Referanslar

https://github.com/mtrojnar/osslsigncode/issues/475 https://github.com/mtrojnar/osslsigncode/pull/477 https://github.com/mtrojnar/osslsigncode/releases/tag/2.11 https://github.com/ralphje/signify/commit/64f21c0cc06cea0536370686ca3ba7a01e4adaa8 https://github.com/ralphje/signify/issues/60