crossplane-fips-2.0
Chainguard
7.5
CVSS V3
Status
Impact
Remediating this vulnerability requires upgrading github.com/sigstore/timestamp-authority from v1.2.2 to v2.0.3. github.com/sigstore/timestamp-authority is a transitive dependency and attempting to upgrade results in build failures. See upstream automated open PR: https://github.com/crossplane/crossplane/pull/6970
Status