{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-39984", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-08T00:01:47.628Z", "datePublished": "2026-04-14T23:41:47.909Z", "dateUpdated": "2026-04-14T23:41:47.909Z"}, "containers": {"cna": {"title": "Sigstore Timestamp Authority has Improper Certificate Validation in verifier", "problemTypes": [{"descriptions": [{"cweId": "CWE-295", "lang": "en", "description": "CWE-295: Improper Certificate Validation", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-xm5m-wgh2-rrg3", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-xm5m-wgh2-rrg3"}, {"name": "https://github.com/sigstore/timestamp-authority/releases/tag/v2.0.6", "tags": ["x_refsource_MISC"], "url": "https://github.com/sigstore/timestamp-authority/releases/tag/v2.0.6"}], "affected": [{"vendor": "sigstore", "product": "timestamp-authority", "versions": [{"version": "< 2.0.6", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-14T23:41:47.909Z"}, "descriptions": [{"lang": "en", "value": "Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimestampResponse correctly verifies the certificate chain signature, but the TSA-specific constraint checks in VerifyLeafCert uses the first non-CA certificate from the PKCS#7 certificate bag instead of the leaf certificate from the verified chain. An attacker can exploit this by prepending a forged certificate to the certificate bag while the message is signed with an authorized key, causing the library to validate the signature against one certificate but perform authorization checks against another. This vulnerability only affects users of the timestamp-authority/v2/pkg/verification package and does not affect the timestamp-authority service itself or sigstore-go. The issue has been fixed in version 2.0.6."}], "source": {"advisory": "GHSA-xm5m-wgh2-rrg3", "discovery": "UNKNOWN"}}}}

{}

{}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.0.6)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "timestamp-authority", "source": "cna", "vendor": "sigstore"}, "product": "timestamp_authority", "vendor": "sigstore"}], "analysis": {"en": {"generated_at": "2026-04-15T01:50:48.318553+00:00", "value": {"mitigation_remediation": ["Upgrade to timestamp\u2011authority version\u00a02.0.6 or later", "Ensure that the VerifyTimestampResponse function is only called with certificates that originate from a trusted, validated source", "If an upgrade is not immediately possible, disable or restrict the use of the VerifyTimestampResponse function in client applications and monitor for unexpected certificate chains"], "summary": {"action": "Update Patch", "impact": "Authorization bypass via forged certificates"}, "threat_synthesis": {"affected_systems": "The affected product is the sigstore timestamp\u2011authority service. Versions 2.0.5 and earlier of the timestamp\u2011authority/v2/pkg/verification package are vulnerable. The issue was fixed in release 2.0.6.", "description_and_impact": "Sigstore Timestamp Authority implements RFC\u00a03161 timestamp verification, but the VerifyTimestampResponse function only verifies the signature chain and then incorrectly applies TSA\u2011specific constraints to the first non\u2011CA certificate in the PKCS#7 bag instead of the leaf certificate of the verified chain. An attacker can prepend a forged certificate to the bag while the signed message remains valid, causing the library to validate the signature against one certificate and apply authorization checks against another. This flaw allows an attacker to bypass authorization checks and potentially obtain timestamp responses that appear legitimately signed by an authorized key.", "risk_and_exploitability": "The CVSS score is 5.5, indicating a moderate severity. EPSS data is unavailable and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires an attacker to supply a crafted PKCS#7 certificate bag to a client that uses VerifyTimestampResponse; the service itself is not vulnerable. Attackers could thus forge timestamp responses that pass verification but bypass the intended authorization checks."}}}}, "created": "2026-04-15T13:48:23.610801+00:00", "updated": "2026-04-15T13:49:14.875478+00:00", "vendors": ["sigstore", "sigstore$PRODUCT$timestamp_authority"]}